Over the past few days, a hacker who goes by “stackoverflowin,” has hijacked more than 150,000 printers and remotely printed a number of strange messages featuring illustrations of robots.
The gist of the messages: your printer is being hacked, and you might want to do something about it.
Before you start feeling better about buying that name brand printer, you may want to take a look at this list of brands he pwned: HP, Epson, Canon, Brother, Samsung, Afico, Konica Minolta, and Oki.
The hacker’s note says he is using a botnet (the hacker uses “flaming botnet” if you want to be technical), which is an attack that forces one computer to forward transmissions to another computer without its owners knowing about it. Some folks appropriately call it a zombie attack—a printer shooting out a piece of paper without you telling it to probably feels like The Ring’s Samara Morgan walking out of your TV.
Here are a few of the messages “stackoverflowin,” or @lmaostack, sent out to his victims (we must admit, his text art is on point).
https://twitter.com/nikooololo/status/828706341023789056
Whatevs, flaming botnet. I DON’T EVEN LIKE THE OFFICE PRINTER. @lmaostack pic.twitter.com/UKxE9aKxCL
— Stephanie Sánchez, PhD (@StephSanchezPhD) February 6, 2017
Hacker takes over thousands of Printers; sends alerts to users https://t.co/7b8hpjqevU
— Anonymous (@YourAnonNews) February 6, 2017
https://twitter.com/articametal/status/828555268610990080
If it happened to you, or you are afraid it might, you will want to close down port 9100 on your router. That is how the hacker is connecting and sending his message over your printer. Once that is done, add a password to your printer, and then add a password to all of your other devices, just in case.
Thankfully, this hacker is just a friendly neighborhood troll. He told Bleeping Computer he is just out to raise everyone’s awareness about the dangers of leaving printers exposed online without a firewall or other security settings enabled.
“Obviously there’s no botnet. People have done this in the past and sent racist flyers, etc. I’m not about that, I’m about helping people to fix their problem, but having a bit of fun at the same time ; ) Everyone’s been cool about it and thanked me to be honest.”
The massive attack comes just weeks after security researchers published a paper on how pathetic the state of printer security is. The document, titled “SoK: Exploiting Network Printers,” outlines the number of vulnerabilities they found in each of 20 name-brand printers they tested.
The findings are maddening:
Let this attack show that many of the electronics we purchase don’t come with adequate protection. It’s up to consumers to secure their own devices.
H/T Network World