Researchers Hacked 28,000 Printers to Send a Message on Security

  • There’s still a large number of unprotected IoTs and, more specifically, internet-enabled printers.
  • A team of researchers hijacked a sample of them to print out instructions on how to secure them.
  • The potential consequences of leaving printers open to remote access are various.

Cybersecurity researchers at CyberNews decided to send a message to printer owners about the importance of securing their hardware, and what better way to do this than by hacking the devices? So, they fired up Shodan (IoT search engine), scanned the net, found 800,000 connected online, and decided to take a sample of 50,000 to use as targets. By using a custom printing script, they sent printing requests to this subset of devices.

The printing command was accepted by 27,944 devices, which printed out a “this printer has been hacked” message along with instructions on how to secure it.

printed message
Source: CyberNews

Suppose one was to extrapolate this data, the assumption that the total number of unsecured printers with internet capabilities out there would be approximately 447,000. The researchers wrote a script that hijacked the printer only to print out something, but they could have done a lot more instead.

Accessing IoTs like printers means that a remote actor could exfiltrate the data of other printing requests concerning documents that contain confidential, sensitive, or classified information. Moreover, the actors could potentially plant botnets and use the IoTs as members of their DDoS swarms.

script run
Source: CyberNews

Some people may assume that the above threats are theoretical, but they really aren’t. We have repeatedly reported on each type of these potential exploitation scenarios, and as long as you keep your IoT unsecured, you are practically leaving it open to abuse. Even if the IoT isn’t deployed in a critical environment, someone can always plant a crypto-miner and have your electricity bills raised as a result.

Related: A Hacker Has Published a List with 515k Passwords for IoT Devices

The message that was printed out gives the following four steps of securing the printers:

1. Configure the network settings so that the printer only accepts commands that originate from specific ports. That would be setting the IPPS protocol via SSL port 443.
2. Set up a firewall that filters out suspicious incoming remote access requests.
3. Check for any firmware updates and install the latest available version.
4. Change the default password of your IoTs and use something strong and unique.

Back in December 2018, a hacker known as “TheHackerGiraffe” hijacked roughly a hundred thousand printers to urge people to subscribe to PewDiePie’s YouTube channel. Only a couple of months prior to that, the same person hacked into 50,000 printers. Back then, the number of online printers was again 800,000, and the percentage of those vulnerable was more or less the same as what we see today.

This means that despite the repeated warnings and the associated security advice, nothing has changed.

REVIEW OVERVIEW

Latest

M1 MacBook Users Report Their Screens Cracking and Nobody Knows Why

A growing number of M1 MacBook owners are reporting mysterious cracks on the laptop’s screen.The users claim they never mishandled or dropped...

Scientists Prove Tricking Sophisticated Voice Authentication Systems Is Feasible

Researchers proved that state-of-the-art voice verification systems can be fooled using existing tools.All that would be needed is a set of machine-learning...

DISH and Sling TV Filed Lawsuits Targeting 4 Sports Streaming Pirate Sites

DISH and Sling TV filed a lawsuit against 'SportsBay', 'Freefeds', and 'live NBA' streaming domains.These platforms are redistributing the broadcasters’ sports channels...