Mass attack worldwide on internet-exposed printers

By on
Mass attack worldwide on internet-exposed printers
Warning message sent to Happy Joe's Pizza in the United States. Credit: Happy Joe's.

Users left befuddled as devices print out warning messages.

An unknown hacker has taken it upon himself to warn users that their unprotected internet-connected printers can be remotely exploited, by printing out warning messages from the devices.

Over the weekend, several users took to social media to post photographs of warning messages emanating from their printers.

The hacker, who calls himself Stackoverflowin, is automatically sending out instructions to exposed devices to generate a message telling users their printers have been "pwned" and are now "part of a flaming botnet". The message includes an ASCII art rendering of a robot from the Mec Warrior video game.

Stackoverflowin is also imploring users to "close this port, skid" to avoid their printers being attacked in the future.

While some users saw the lighter side of the warning, others were left confused when their printers generated the unexpected warning message. As of writing, the attacks are continuing around the world.

Stackoverflowin claimed to have attacked some 150,000 printers, running a script that targets devices with the internet printing protocol (IPP) enabled on transmission control protocol (TCP) port 9100.

A scan on the vulnerability reporting site showed just over 147,000 printers connected to the internet with IPP listening on TCP port 9100. Most (almost 65,000) are in the United States, while Australia shows up as having 2700.

The attacks follow the publication last week of advisories and security research that demonstrated a large amount of networked printers are remotely exploitable and contain vulnerabilities that are unlikely to ever be fixed.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © . All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?