A Trojan that sends printers crazy, making them print pages of garbled nonsense until all the paper has been used up, has seen a spike in activity.Symantec detected the Trojan.Milicenso across various countries, but the worst hit regions were the US and India followed by regions in South America and Europe, including the UK.
According to a blog post published Thursday by researchers from antivirus provider Symantec, Dubbed “Trojan.Milicenso” it has been described by security researchers as a malware delivery vehicle ”for hire” through its repeated use since it was first discovered in 2010.
The Milicenso Trojan is actually a backdoor that is used to deliver other malware on the affected machines. The infection vectors are links and malicious attachments in unsolicited emails, as well as websites hosting malicious scripts that trigger the download of the Trojan.
“Depending on the configuration, any files, including binary files, created in that folder will trigger print jobs,” said Symantec. "The Trojan creates and executes a dropper executable, which in turn creates a DLL file in the %System% folder"
It’s like dragging a system file into a plain-text editor: most of the time you’ll see garbage. Symantec said there were a number of ways the malware can find its way onto PCs, including opening a malware-laden email attachment, through a compromised website, or posing as fake video codecs.Once the malware is opened, it redirects the user to pages to serve up adverts; a common way for malware writers to generate quick revenue.