Quote Originally Posted by LOLZ View Post
You are probably better off extracting the firmware from the ESU and flashing that directly (if possible) as some of the more sophisticated malware can survive the firmware upgrade procedure.

Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns – Sophos News
Quite sinister.

- - - - - - - - - - - - - - - - - - - - - -

Quote Originally Posted by oj88 View Post
I spent several hours looking for a way to extract the firmware image binary from the Epson .exe file. I even tried looking for it in program temp folders and such while the updater was running... all to no avail. There's just very little public information out there, if at all, to go about these things. This is more of a "you're on your own" type of deal.

The bin file I downloaded was extracted from the flash memory of an actual unit. I know this because everything about the source printer was also copied to mine.... printer stats, ink pad life, and even the serial number. So, do I think it's a compromised bin file? Possibly, but I highly doubt it.

Regardless, if stuff hits the fun, I have both Pi Hole and OPNsense+Zenarmor watching my back in the event it starts "calling home". But insofar as what the printer is accessing on the web, all my logs indicate that the printer is behaving normally.

Just continue to be vigilant.