Hacker takes over 150,000 buggy printers
Affected printers come from HP, Brother, Epson, Canon, Lexmark, and Minolta
A hacker has managed to take over more than 150,000 networked printers including some manufactured by HP, Brother, Epson, Canon, Lexmark and Minolta.
The actor, who goes by the alias Stackoverflowin, executed a program that searched the internet to find printers that were online but didn't have basic security controls enabled.
When a printer was discovered, the program ordered the printer to alert the user by printing out a message that read, "stackoverflowin the hacker god has returned, your printer is part of a flaming botnet, operating on putin's forehead utilising BTI's (break the internet) complex infrastructure. [ASCII ART HERE] For the love of God, please close this port, skid. ------- Questions? Twitter: https://twitter.com/lmaostack."
Some earlier messages sent out to printers also included a ASCII picture of a robot or a computer, just to add a little creativity to the warning.
The attack follows the publication of a report by German researchers that highlighted printers' security holes, finding hackers could access printers' memory to rerieve sensitive documents and even passwords. Stackoverflowin's own hack serves as a stark warning to those using networked printers without having the correct security procedures in place.
Commercial printers, home printers and even receipt printers in restaurants were affected by the hack, although it doesn't seem Stackoverflowin wanted to do any harm to the victims, but rather wanted to warn them before someone else got there first and could have launched a malicious attack.
"I'm about helping people to fix their problem, but having a bit of fun at the same time," Stackoverflowin told Bleeping Computer. "Everyone's been cool about it and thanked me to be honest."
The IT Pro guide to Windows 10 migration
Everything you need to know for a successful transitionDownload now
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Software-defined storage for dummies
Control storage costs, eliminate storage bottlenecks and solve storage management challengesDownload now
6 best practices for escaping ransomware
A complete guide to tackling ransomware attacksDownload now