Office equipment carries out attacks to an internal network by means of SMB protocol.
Malicious software is set on Chinese scanners for the purpose of information plunder. Several scanners–spies were sold by many companies, including the well known company of equipment production.
Some versions of malicious software blocked system work, and abducted data on finance, data on clients, and about deliveries. Stolen information was given to the company producer.
Information security specialist considers that the company producer who sold infected scanners could be connected with criminals who made attack to the Google Company, called Aurora. At Lasyan School (Shandong Lanxiang Vocational School) in one of extensions, there was a criminals‘ staff. According to the accused producer, they don't know who infected equipment and have no relation to it.
Once you connected the scanner to the Wi-Fi network, they attacked an internal network by means of the SMB protocol right here. The virus used the RADMIN protocol by means of which it could infect more than nine servers despite blocking a firewall.
The company that became a victim of virus used special target baits by means of which the attacks became possible to stop.