More than 150 000 printers were hacked across the globe
Could we make it any easier for hackers to hack away at our printers?
A hacker has gained access to more than 150 000 printers across the globe. The breached printers printed out the message “Hacked. Stackoverflowin/stack the almighty, hacker god has returned to his throne, as the greatest memegod. Your printer is part of a flaming botnet. Your printer has been pwn’d”
The hacker claiming responsibility says he wanted “to raise everyone’s awareness towards the dangers of leaving printers exposed online without a firewall or other security settings enabled.”
The hacker claims he wrote a script that scanned for insecure public-facing devices with open RAW, Internet Printing Protocol, and Line Printer Remote services – running on network ports 9100, 631, and 515, respectively – and fired over print jobs. This is, admittedly, trivial to do, and you can find plenty of potentially vulnerable machines on the web via Shodan. The search engine shows there are, right now, more than 143,000 devices on the public internet with port 9100 open.
Printers affected, includes HP, Epson, Canon, Brother and Samsung. Nexus Consultancy reported that Afico, Konica Minolta and Oki have also printed out warnings from stackoverflowin. If it happened to you, you might want to start by closing port 9100 on your router because that is how a/the hacker is connecting and then sending a print job to the printer. Next, add an admin password to your printer.
If your printer has been breached or you need help to secure your devices and network please get in touch with us ASAP.
Vario Services – we do IT