Hacker takes control of network connected printers

Printer on fire

A hacker named Stackoverflowin took control of thousands of internet connected printers this week highlighting weak security on the devices. Printer owners found that their devices had printed warning messages informing them that their printer had been owned and for them to disable remote access and included an ASCII art drawing of a robot.

Stackoverflowin announced on twitter that he wrote a program that searched for vulnerable printers and then automatically printed out the warning message to highlight the danger of having insecure remote access. Printers affected ranged from large business multi function laser devices, to home inkjets and small receipt printers and nearly all manufacturers with Brother, Epson, HP, Lexmark, Minitola all being remotely controlled. Thankfully on this occasion no damaged was caused by the hack but it goes to show how people are more aware to secure PCs for remote access but forget about other internet connected devices. Computer security researchers in Germany have recently written a paper saying how they tested 20 popular printers and found them all vulnerable to some form of hack ranging from remotely controlling to damaging the onboard firmware so they won’t print. vulnerable printers could even be used in DDOS attacks to take down websites like the one on 21 October 2016 which saw an estimated 100000 internet connected devices used in a DDOS attack against dyna which was creating 1200 gigabytes of traffic per second making it the largest ever recorded.

Computersdealstore.com recommend to ensure you keep your printers safe by disabling remote access if not required. If you do need to be able to print remotely then ensure you change default passwords to a strong password and keep the printers firmware up to date.