In a new paper, researchers have highlighted a selection of attacks that demonstrate the risks posed by wireless printers that have been secured improperly.
Authored by security analysts Giampaolo Bella and Pietro Biondi, the report unpacks three attack vectors (referred to collectively as Printjack) that could be used to hijack the many thousands of printers with a publicly accessible TCP port 9100, which facilitates network printing jobs.
One attack in particular, described as “paper denial-of-service (DoS)”, could be used to troll printer owners by triggering jobs remotely until their paper and/or ink supplies are exhausted. Supposedly, this attack can be carried out using a simple Python script.
Not-so-funny printer attacks
In comparison to other internet-connected devices, the measures in place to protect even the most modern printers are extremely basic, the researchers say. And although paper DoS attacks are relatively harmless, there are more sinister ways a hacker could abuse exposed machines.
For example, a threat actor could hijack vulnerable printers for the purposes of launching distributed denial-of-service (DDoS) attacks, by combining a known vulnerability with a widely available proof-of-concept exploit.
Beyond the fact the printer has become part of a cybercriminal campaign in this scenario, the machine itself …read more
NASA Chooses Spacex To Launch A Self Propelled Space Station To The Moon