Hacker trolls 150,000 unsecured printers to raise security awareness
A hacker has claimed to have dumped warning messages on over 150,000 unsecured Internet-connected printers in an alleged effort to raise awareness about printer security.
The gray-hat hacker, going by the name Stackoverflowin, targeted printers made by companies including Afico, Brother, Canon, Epson, HP, Lexmark, Konica Minolta, Oki and Samsung, using a script that looks for Internet-connected printing devices with “ports” or connections open to the outside.
Once the script identified a vulnerable printer, Stackoverflowin had the printer print two warnings: an initial message stamped with an ASCII art robot, and a second message featuring a computer and printer. The message claimed, among other things, that the printer was “part of a flaming botnet” and, in an allusion to improving security, added, “For the love of God, please close this port, skid.”
“Obviously there’s no botnet,” Stackoverflowin told Bleeping Computer. “People have done this in the past and sent racist flyers etc. I’m not about that, I’m about helping people to fix their problem, but having a bit of fun at the same time ; ) Everyone’s been cool about it and thanked me to be honest.”
Stackoverflowin’s decision to “pwn” printer owners follows the recent publication of a study that found that printers commonly used in enterprise environments are a security risk that can be exploited to leak information and execute code.
That study found that vendors were failing to separate page description languages such as PostScript and PJL/PCL, which are used to generate the output, from printer controls, and that all printers tested had at least one vulnerability. There has been no recorded mass use of printers in a botnet before, but unlike Internet of Things devices, it is a known risk. HP announced several security measures in December to prevent its printers being used in such a way.
“One of the primary threats that network printers face is botnet recruitment,” Best Security Research said at the time. “All contemporary devices are in fact capable of running a sophisticated set of commands that can be used in large-scale botnet attacks.”