Chinese Printer Driver Caught Running Bitcoin-Stealing Malware—Because Why Hack a Wallet When You Can Print Money?
Security researchers uncovered malware embedded in a Chinese printer driver—turning ordinary office equipment into a crypto thief. The exploit siphons Bitcoin wallets during print jobs, proving even the most mundane tech can be weaponized.
How it works: The driver installs a backdoor during routine updates, then scans for crypto wallet files. Once found, it exfiltrates private keys faster than you can say ’hardware wallet superiority.’
Finance jab: Wall Street still thinks blockchain is ’just for drugs,’ while hackers are literally printing their own returns.
Overview of the hacker address (Source: Yu Xian)
Interestingly, he found that all the stolen BTC was not due to the printer alone, as the malware had been active for eight years and infected several applications. The first theft happened back in April 2016, while the most recent was in March 2024.
Bitcoin attack vectors continue to grow with crypto market expansion
Meanwhile, the incident highlights the variation of threats that crypto users are facing. With the crypto market expanding in size and value and attracting more mainstream attention, bad actors have also turned their eyes toward it.
The result is a growing number of attack vectors that the average crypto user may need to face. These attacks, ranging from phishing to malware to exploiting vulnerabilities, have allowed bad actors to make over $1.7 billion this year alone.
While most of these attack vectors are not new, scammers also leverage some crypto users’ ignorance to steal their funds. For instance, users of hardware wallet Ledger have been getting physical letters and fake wallets that look like the original ledger, asking them to migrate their crypto assets to the new device.
According to experts, this scam is not new. It dates back to 2021, when hackers gained access to the information of several Ledger users, including their names, emails, and even physical mailing addresses. However, some users are still falling victim to it.
Physical threats pushing crypto whales to increase their security
Interestingly, the risk of exploiting and being the target of phishing scams is not the only challenge crypto users face. There have also been increasing physical and violent attacks on known crypto holders and their relatives.
Recently, the daughter of Paymium CEO Pierre Noizat was almost abducted in Paris. Paymium is a France-based crypto exchange. This was not a one-off incident, as the father of another crypto entrepreneur was previously abducted in the city but rescued by the police.
Even the co-founder of Ledger, David Ballant, was also abducted in January with his wife in Paris and had his finger severed before his eventual release.
While France appears to be the hotspot, there have also been several incidents in other countries. A public directory of known crypto attacks by Jameson Loop showed that there have been three attacks this month, with the most recent happening on May 14 when three Chinese citizens tried to rob a mining facility in Paraguay.
With the risks of physical attacks for crypto users now rising, it is unsurprising that large crypto holders are turning to private security firms. According to reports by Bloomberg, Wall Street Journal, and Wired, crypto whales have increased their demand for bodyguards.
That demand will likely increase with recent data leaks from exchanges putting personal information, including crypto users’ physical locations, in bad actors’ hands.
KEY Difference Wire helps crypto brands break through and dominate headlines fast
