Hacker Takes Over 150,000 Exposed Printers

Network-connected printers around the world have been emitting mysterious messages over the weekend after a hacker claimed to have commandeered about 150,000 of the devices left accessible via the Internet.

Most of the messages – many of which were posted on social media by those affected – suggest the devices have been made part of a botnet, but the hacker in question said that isn’t the case, and that his intent was to warn users to secure their devices.

Printer invasion

Office printers, home devices and retail receipt printers are among those affected, according to messages on social media.

The stunt follows the publication of a German academic paper at the end of January that found a wide variety of security vulnerabilities in network-connected printers.

Beginning on Friday, an individual using the pseudonym Stackoverflowin began using an automated script to locate vulnerable devices and print warning messages.

A typical message read: “stackoverflowin the hacker god has returned, your printer is part of a flaming botnet, operating on putin’s forehead utilising BTI’s (break the Internet) complete infrastructure”, while another stated, “for the love of God, please close this port, skid”, referring to a “script kiddie”, or novice programmer.

The messages included email, web and Twitter contact details for Stackoverflowin, while, some versions also printed ASCII-art images of robots or computers.

‘150,000 devices’ affected

Stackoverflowin said he had accessed the devices using network port 9100, which can be closed off by changing router settings.

Security experts also urged users to set an administrator password on their devices to make it more difficult for attackers to manipulate them.

The hacker said he had accessed about 150,000 printers manufactured by HP, Brother, Epson, Canon, Lexmark and Minolta, amongst others, and that his intent was to improve security.

“I’m about helping people to fix their problem, but having a bit of fun at the same time,” he told the Bleeping Computer IT news website on Saturday. “Everyone’s been cool about it and thanked me to be honest.”

Printer vulnerabilities

Security researchers Jens Muller, Vladislav Mladenov and Juraj Somorovsky of the Ruhr University in Germany found that all of the 20 printers they tested were vulnerable to “multiple” network-based attacks.

“From a security point of view, these machines are quite interesting since they are located in internal networks and have direct access to sensitive information like confidential reports, contracts or patient recipes,” they wrote in a summary of their findings.

In an academic research paper published last week they described locking printers into an endless loop that made them unusable, spying on print jobs, using them as an entry point to attack the systems to which they were linked, and other attacks.

The insecurity of network-based devices such as routers, CCTV cameras and set-top boxes is a growing threat, with large numbers being taken over by botnets that can be used to launch denial-of-service attacks or relay spam messages.

Put your knowledge of Artificial Intelligence (AI) to the test. Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Supreme Court Permits Nvidia Investor Lawsuit To Proceed

Setback for Nvidia after Supreme Court rules class-action lawsuit against AI chip giant for misleading…

13 hours ago

TikTok Files Challenge Against Canadian Shutdown Order

Notice filed in federal court to challenge Canadian government order to shutdown TikTok's Canada's operations

16 hours ago

Apple Intelligence Launches In UK, Siri Integrated With ChatGPT

Users of the iPhone 15 and later in the UK can now experience Apple Intelligence,…

17 hours ago

US Awards Micron $6.1 Billion From US Chips Act

Biden administration awards $6.1 billion subsidy from US Chips Act for Micron's Idaho and and…

19 hours ago

California Mulls Health Warnings For Social Media Sites

Bill (if passed) could see California become the first US state to require mental health…

22 hours ago

GM Kills Cruise Robotaxi Business, After Funding Is Pulled

General Motors kills Cruise robotaxi ambitions, after halting funding for the loss-making autonomous vehicle unit

23 hours ago