In a rather new trend, cybercriminals have begun to spread malware by spoofing printers and scanners.
These types of attacks started making headlines in late November 2017, after security researchers at Barracuda Labs witnessed an attack in which cybercriminals spoofed a printer to send a malicious attachment that appeared to be a legitimate file sent by a network printer. This malicious attachment allowed the attacker to install a backdoor to conduct surveillance and gain unauthorized access to the victim’s PC.
Earlier, in September 2017, Comodo detected two similar malware campaigns in which cybercriminals spoofed Konica Minolta copiers, printers, and scanners to send malicious attachments that appeared to be legitimate files sent by the victims’ network device. The Comodo Threat Research Lab published a blog post warning of these attacks and correctly predicted more similar attacks in the near future. But we likely still haven’t seen the last of attacks of this nature. These “printer spoofing” attacks utilize botnets of servers, individuals’ PCs, and new phishing techniques to bypass victims’ suspicions and their cybersecurity tools. To keep yourself and your company safe, here’s a rundown of how the attacks work and the security measures you should take.
Executing the Attack
The cybercriminals behind these attacks are very resourceful. They use sophisticated social engineering techniques to trick users into downloading their malicious attachments. In the case of the attacks detected in September by Comodo, the cybercriminals spoofed the model number that belonged to the Konica Minolta C224e (one of the most common models in businesses across the world) to make the email look inconspicuous.
In this case, the payload was data-encrypting ransomware that was carefully designed to slip past machine learning algorithm-based tools from leading cybersecurity vendors, infect victims’ machines, encrypt their data, and extract a bitcoin ransom.
These attacks are very sophisticated, and they enable “a very small team of hackers to infiltrate thousands of organizations and beat A.I. and machine learning-dependent endpoint protection tools, even those leading in Gartner’s recent Magic Quadrant,” said Fatih Orhan, head of the Comodo Threat Intelligence Lab and Comodo Threat Research Labs (CTRL). “Because the new ransomware appears as an unknown file, it takes a 100% ‘default deny’ security posture to block or contain it at the endpoint or network boundary; it also requires human eyes and analysis to ultimately determine what it is, in this case, new ransomware.”
The attacks detected by Barracuda also featured spoofed emails delivering malicious PDF attachments that, in this case, gave the cybercriminal unrestricted access to the victim’s PC when downloaded.
So what should you look out for to keep yourself from falling victim to one of these attacks?
Warning Signs of Printer/Scanner Spoofing Malware
According to a recent post by security blog Hackercombat.com, “Attackers seem to focus on PDF-oriented malware, as most users think PDFs sent to their printer or scanner are harmless and coming from a safe source. The email subject reads something along the lines of ‘scanned from HP’ or any printer within the network, and the attachment contains the malicious code. It will have a modified file name, which allows the attackers to hide the deceptive code inside the archive, imitating a ‘.pdf,’ ‘.jpg’, ‘.txt’.”
So, while any attachment could be malicious, the ones that should raise the biggest red flag are .pdf attachments. But, just to be on the safe side, it’s best to exercise caution when receiving any attachment from a printer, scanner, or copier.
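The warning signs above can be checked mechanically at a mail gateway or in a triage script. The following is an added example, not code from Comodo, Barracuda, or Hackercombat; the subject pattern, the extension list, and the sample messages are assumptions constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed heuristics built from the warning signs above; tune them for your mail flow.
DEVICE_SUBJECT = re.compile(r"scanned from|konica|minolta|c224e", re.I)
DECOY = re.compile(r"\.(pdf|jpg|txt)\.[a-z0-9]{2,4}$", re.I)  # e.g. scan.pdf.js
MAGIC = {".pdf": b"%PDF-", ".jpg": b"\xff\xd8\xff"}  # expected leading bytes

def check_name(name, head, findings):
    """Flag decoy extensions and content that does not match the claimed type."""
    if DECOY.search(name):
        findings.append(f"decoy double extension: {name}")
    for ext, magic in MAGIC.items():
        if name.lower().endswith(ext) and not head.startswith(magic):
            findings.append(f"content is not {ext}: {name}")

def inspect_message(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    if DEVICE_SUBJECT.search(msg.get("Subject", "")):
        findings.append("subject claims a printer/scanner origin")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        check_name(name, data[:8], findings)
        if zipfile.is_zipfile(io.BytesIO(data)):
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    try:  # read only the first bytes; nothing is written to disk
                        with zf.open(info) as fh:
                            check_name(info.filename, fh.read(8), findings)
                    except RuntimeError:  # password-protected member
                        findings.append(f"encrypted archive member: {info.filename}")
    return findings

def build_sample(subject, filename, payload):
    """Build a constructed test message (not a captured sample)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "copier@example.test", "user@example.test", subject
    m.set_content("Please find the scanned document attached.")
    m.add_attachment(payload, maintype="application", subtype="octet-stream", filename=filename)
    return m.as_bytes()

def zip_bytes(member, content):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, content)
    return buf.getvalue()
```

A message that returns any finding is a candidate for quarantine and manual review; an empty list means only that none of these particular signs were present.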
How to protect yourself from these attacks:
There are a few basic measures you can take to protect yourself from printer/scanner/copier spoofing attacks. The same post from Hackercombat.com outlines some basic security measures that could save you. Here’s what you should do: