US$ 6k UV printer came with backdoor and trojan

[madires]

A review of the Procolored V11 Pro changed into hunting down malware in the driver:
- The Maker’s Toolbox: Procolored V11 Pro DTO UV Printer Review, https://www.hackster.io/news/the-maker-s-toolbox-procolored-v11-pro-dto-uv-printer-review-680d491e17e3
- Viruses included in product I'm reviewing?, https://www.reddit.com/r/computerviruses/comments/1kbkmgq/viruses_included_in_product_im_reviewing/
- Printer company provided infected software downloads for half a year, https://www.gdatasoftware.com/blog/2025/05/38200-printer-infected-software-downloads

TL;DR:
- driver for UV printer came with backdoor and trojan for at least half a year
- manufacturer denies allegation
- security company confirms malware
- manufacturer comes up with lame excuse and uploads new driver

[SiliconWizard]

Was it intentional or the result of having outsourced development?

[madires]

I'd guess the manufacturer won't tell us that.

[eutectique]

It is also worth noting that I contacted Procolored support four times over the course of my testing, for help with figuring out the software and settings. Every single time, the agent requested multiple times that I allow them to connect remotely to my computer. Obviously, I declined every time. But I want to note that they kept asking. Do with that information what you will.

This is fishy.

[RoGeorge]

...
TL;DR:
- driver for UV printer came with backdoor and trojan for at least half a year
- manufacturer denies allegation
- security company confirms malware
- manufacturer comes up with lame excuse and uploads new driver

Thanks, very good idea to add a brief! 

[D.Burnette]

It looks like they are built around Epson printheads. So they are at least partially leveraging known-good codebases. Chances are they grabbed a library with crap in it.

Doesn't surprise me that one of the cheaper DTF/UV printers on the market has badly written drivers with embedded malware...But their "address" is on their website if you want to head to Los Angeles and bang on the door of a little rented space in an industrial strip.

It seems like they sell in Europe. Luckily in a year or so, the CRA will be enforced. Even people outside of Europe will be able to take advantage of this as a forcing function: Manufacturer doesn't respond? Report the vulnerability to the ENISA, and the manufacturer may have to stop EU sales.

[UnijunctionTransistor]

But their "address" is on their website if you want to head to Los Angeles and bang on the door of a little rented space in an industrial strip.

Exactly. Behind the tree.

[thm_w]

It is also worth noting that I contacted Procolored support four times over the course of my testing, for help with figuring out the software and settings. Every single time, the agent requested multiple times that I allow them to connect remotely to my computer. Obviously, I declined every time. But I want to note that they kept asking. Do with that information what you will.

This is fishy.

Could be, but its also normal because it allows support to actually verify your settings.
Customer might say 100 times "yes I set that setting to xyz" then you check on their machine and no, it wasn't set.. So can save time to just do it for them, instead of guiding them over the phone.

[ZGoode]

Yeah, but a screengrab could suffice here.  The only time I've ever had anyone request remote computer access is at work when the IT center needs to enter the admin password cause none of us are trusted with that.

[langwadt]

Report the vulnerability to the ENISA, and the manufacturer may have to stop EU sales.

think that'll work any better that all the safety standards preventing dangerous USB chargers and such being sold?

[peter-h]

the agent requested multiple times that I allow them to connect remotely to my computer. Obviously, I declined every time. But I want to note that they kept asking. Do with that information what you will.

That is indeed fishy, but so many vendors are doing it nowadays. Even Google (adwords) is doing it - requesting admin access to our PCs for setting up keywords on our online shop. I refuse and they just say they can't help us at all.

Many years ago, a client of mine sent out a 3.5% floppy disk which was allegedly infected with a boot sector virus (DOS days) and his customer sued him. It was settled but if you get the wrong person it can get tricky