Someone is selling a mass-hacking service, leaving your printer exposed

Hackers normally try to take control or manipulate your computer, but your internet-connected printers are also at risk. That is all according to a report from Vice, which finds that someone had attempted to sell a mass printing service, which could cause your printer to spit out any given message on a hackers command.

Though not really considered a hack by traditional standards, the malicious-acting person likely is taking advantage of an open network port, 9100, which allows printers to receive data. The method requires the printer to be connected to the internet, and IP packets to be routed from the attacker to the printer device and backward.

Someone claiming to have access to “reach every printer in the world” leveraged this to try and get internet connected printers to feed out messages for the mass printing hacking service, which is seen below. It is a serious concern and raises questions about how many printers can be impacted, but Vice reports that there have been inquiries into the service. Prices were apparently as high as $250 to generate a printout worldwide.

.@GreyNoiseIO just detected someone (specifically 194.36.173[.]50) spraying the entire Internet with print commands for this document advertising a world-wide printing service, similar to HackerGiraffe's PewDiePie printer hack and Weev's swastika printer hack.

— Andrew Morris (@Andrew___Morris) December 2, 2018

A previous “hack” from December 1 which printed out messages urging people to subscribe to PewDiePie also leveraged this very method. The person behind that attack claimed they got the idea after browsing through Shodan, a search engine or internet-connected devices, where 800,000 printers were listed. They then used a printer exploitation tool, which opened up an endless limit of hacking. The attack only reached out to 50,000 of those printers of which 1,500 were in India. It is not clear which models were impacted, but Vice reports that many printers are not accessible from the public internet.

“PRET had the scariest of features. Ability to access files, damage the printer, access the internal network…things that could really cause damage. So I had to do this, to at least help organizations and people that can protect themselves,” explains the PewDiePie attacker on Twitter.

This would not be the first time that printing hacking has been in the news. In September, we wrote about how hackers can use old-school printers to invade your home network. That involves malicious use of the fax function on printers from the 1990s. In that scenario, hackers were able to establish a connection with the printer, implement an exploit script, send a malicious fax right to the printer and access or target other machines.

Editors' Recommendations