Message from KM_C224e with zip attachment delivers new version of Cerber Ransomware

Following on from last week's Dridex campaign using Message from KM_C224e is today's somewhat different version, using the same subject and email template but with a zip attachment containing a .exe file. They still pretend to come from copier @ your own email domain. These are delivering Cerber Ransomware. Update: this …

More Dridex banking Trojan delivered via pdf Message from KM_C224e pretending to come from copier at your own email address

Continuing with the latest series of emails with pdf attachments that drop a malicious macro-enabled Word doc is a blank / empty email with the subject of Message from KM_C224e pretending to come from copier at your email address that delivers Dridex banking Trojan. They are using email addresses …

The Princess and the HDD: Poor Design Choices

You’ll all remember my grand adventure in acquiring a photocopier. Well, it’s been a rollercoaster, I tell ya. While I still haven’t found a modification worthy enough to attempt, I have become increasingly frustrated. From time to time, I like to invite my friends and family over for dinner, and conversation naturally turns to things like the art on the walls, the fish in the aquarium, or perhaps the photocopier in the living room. Now, I dearly love to share my passions with others, so it’s pretty darned disappointing when I go to fire off a few copies only to …


What Does a Hacker Do With A Photocopier?

The year is 2016. Driving home from a day’s work in the engineering office, I am greeted with a sight familiar to any suburban dwelling Australian — hard rubbish. It’s a time when local councils arrange a pickup service for anything large you don’t want anymore — think sofas, old computers, televisions, and the like. It’s a great way to make any residential area temporarily look like a garbage dump, but there are often diamonds in the rough. That day, I found mine: the Ricoh Aficio 2027 photocopier.

It had spent its days in a local primary school, and had …


another set of emails pretending to come from scanner@ copier@ epson@ canon@ hp@ your own domain JS malware delivering Locky

Yet another set of emails with blank empty bodies pretending to come from scanner@, copier@, epson@, canon@, hp@ and any other copier/printer/scanner/MFD at your own domain with one of these subjects: Attached Doc / Attached File / Attached Image / Attached Document with …

Message from KMBT_C224 pretending to come from copier at your own domain – JS malware leads to Locky ransomware

Last revised or Updated on: 22nd March, 2016, 6:32 PM

An empty / blank email with the subject of Message from KMBT_C224 pretending to come from copier at your own domain with a zip attachment is another one from the current bot runs which downloads Locky Ransomware. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers.

The email looks like:

From: copier@victimdomain.tld
Date: Tue 22/03/2016 18:07
Subject: Message from KMBT_C224
Attachment: SKMBT_C4335050508359.zip
Body content: totally blank

These malicious attachments normally have a password stealing component, with …