December 7, 2018
As many as 50,000 printers were hacked recently to spread a message in support of notorious online personality PewDiePie.
Forbes reports that tens of thousands of printers were remotely hacked to print off a message in support of the vlogger, whose eminence on the video-sharing site is under threat. Victims of the hack were encouraged to watch Mr. Pie’s videos, in order to keep him top of the subscribers chart.
The perpetrator, known only as TheHackerGiraffe, used a search engine called Shodan, and “basic hacker skills,” to search for different open ports typically used by printers. If handled securely, ports which are capable of allowing print jobs to be authorised should not be left open to the wider world wide web, but “often because of laziness or by accident,” according to Forbes, they can be left wide open, as with the 800,000 discovered by TheHackerGiraffe.
TheHackerGiraffe chose the first 50,000 results that appeared, before using a tool found via Google to help them print en masse – in this case, the PRET, or Printer Exploitation Toolkit. It has become a fairly common trick, being deployed since the PewDiePie hack, with Andrew Morris of GreyNoiseIO discovering a nefarious individual sending print commands across the entire internet to print off a document, ironically advertising a worldwide printing service.
Forbes explains that the real danger made apparent by these attacks is that “there are an awful lot of exposed printers on the Web that can be used either for pranks like these, or worse.”
Andrew Morris opined: “Though it’s relatively uncommon for printers to be exposed directly to the internet, a bad guy would still almost certainly be able to find upwards of a few hundred thousand to a few million. My fear would be that people would get really malicious and send something like child pornography or something threatening.”
Morris’ GreyNoise tool, which specialises in rooting out activity like this, has indicated that “hundreds of people” are constantly scanning the internet for unsecured printers, meaning many could even have a map of exposed printers – a very useful tool for hackers.
Categories : Around the Industry