UPDATED 22:46 EST / FEBRUARY 06 2017

INFRA

Hacker trolls 150,000 unsecured printers to raise security awareness

A hacker has claimed to have dumped warning messages on over 150,000 unsecured Internet-connected printers in an alleged effort to raise awareness about printer security.

The gray-hat hacker, going by the name of Stackoverflowin, targeted printers made by companies including Afico, Brother, Canon, Epson, HP, Lexmark, Konica Minolta, Oki and Samsung by using a script that targets Internet-connected printing devices that had openings to external “ports” or connections.

Once the script identified a vulnerable printer, Stackoverflowin had the printer print two warnings, an initial message stamped with an ASCII art robot, and a second message featuring a computer and printer. The message claimed, among other things, that the printer was “part of a flaming botnet” and, in an allusion to improving security, added, “For the love of God, please close this port, skid.”

“Obviously there’s no botnet,” Stackoverflowin told Bleeping Computer. “People have done this in the past and sent racist flyers etc. I’m not about that, I’m about helping people to fix their problem, but having a bit of fun at the same time ; ) Everyone’s been cool about it and thanked me to be honest.”

Stackoverflowin’s decision to “pwn” printer owners follows the recent publication of a study that found that printers commonly used in enterprise environments are a security risk that can be exploited to leak information and execute code.

That study found that vendors were failing to separate page description languages such as PostScript and PJL/PCL that are used to generate the output from printer controls and that all printers tested had at least on vulnerability. There have been no recorded mass use of printers in a botnet before, but unlike Internet of Things devices, it is a known risk. HP announced several security measures in December to prevent its printers being used in such a way.

“One of the primary threats that network printers face is botnet recruitment,” Best Security Research said at the time. “All contemporary devices are in fact capable of running a sophisticated set of commands that can be used in large-scale botnet attacks.”

Image: Pixabay/Public Domain CC0

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU