

A hacker has claimed to have dumped warning messages on over 150,000 unsecured Internet-connected printers in an alleged effort to raise awareness about printer security.
The gray-hat hacker, going by the name of Stackoverflowin, targeted printers made by companies including Afico, Brother, Canon, Epson, HP, Lexmark, Konica Minolta, Oki and Samsung by using a script that targets Internet-connected printing devices with “ports” open to external connections.
Once the script identified a vulnerable printer, Stackoverflowin had the printer print two warnings, an initial message stamped with an ASCII art robot, and a second message featuring a computer and printer. The message claimed, among other things, that the printer was “part of a flaming botnet” and, in an allusion to improving security, added, “For the love of God, please close this port, skid.”
“Obviously there’s no botnet,” Stackoverflowin told Bleeping Computer. “People have done this in the past and sent racist flyers etc. I’m not about that, I’m about helping people to fix their problem, but having a bit of fun at the same time ; ) Everyone’s been cool about it and thanked me to be honest.”
Stackoverflowin’s decision to “pwn” printer owners follows the recent publication of a study that found that printers commonly used in enterprise environments are a security risk that can be exploited to leak information and execute code.
That study found that vendors were failing to separate page description languages such as PostScript and PJL/PCL, which are used to generate the output, from printer controls, and that all printers tested had at least one vulnerability. There has been no recorded mass use of printers in a botnet before, but unlike Internet of Things devices, it is a known risk. HP announced several security measures in December to prevent its printers from being used in such a way.
“One of the primary threats that network printers face is botnet recruitment,” Best Security Research said at the time. “All contemporary devices are in fact capable of running a sophisticated set of commands that can be used in large-scale botnet attacks.”