- Soon after a hacker exploited thousands of printers to promote PewDiePie’s YouTube channel ads of printer hijacking services have gone live.
- An ad was spotted by cybersecurity firm GreyNoise.
- It is unknown if the service on offer is legitimate or if it was posted by trolls.
Internet printers can be exposed quite easily as showcased by a hacker who recently broke into thousands of printers to promote YouTuber PewDiePie. Any internet printer that is running older firmware is at risk, and it is expected that up to 800,000 printers can be compromised quite easily. It is not particularly difficult and requires an understanding of wireless printer systems and an exploit tool that is publicly available.
The printing service ad was spotted by cybersecurity firm GreyNoise. The ad claims that users can use the services to “to secure your spot in the most viral ad campaign in history.” The Twitter account posting the ad claims that they are trying to see if anyone is interested in such campaigns and if there is enough interest, the account holders are willing to build a web platform for creating campaigns similar to the PewDiePie incident. A worldwide campaign is priced at $250, and the advertisers promise that “Your message will reach vast amounts of printers all over the world at least once.”
We're currently mostly trying to see if anyone's interested, if people actually want to buy this we'll build a web platform with support for more printing protocols.
— printeradvertising (@printerads) December 2, 2018
Security firm GreyNoise tried to extract more information about these services, and upon asking if the advertisers are willing to publish content like Nazi propaganda campaigns, they were willing to publish them for a higher fee. The legitimacy of the printer service has been brought into question though as the advertisers claim they can reach every printer in the world which is not possible.
The advertisers’ page contains a contact named Simon Smith who is a cybersecurity professional. He denied all claims of being linked to the campaign and stated “I most definitely (naturally) have nothing to do with the printer business. It is not only a negative SEO attempt but a DDoS attempt on people’s fax machines and an attempt to deceive innocent victims as to the originating source.”