A grey-hat hacker going by the name of Stackoverflowin says he's pwned over 150,000 printers that have been left accessible online.
Speaking to Bleeping Computer, the hacker says he wanted to raise everyone's awareness towards the dangers of leaving printers exposed online without a firewall or other security settings enabled.
For the past 24 hours, Stackoverflowin has been running an automated script that he wrote himself, which searches for open printer ports and sends a rogue print job to the target's device.
From high-end multi-functional printers at corporate headquarters to lowly receipt printers in small town restaurants, all have been affected.
Users reported multiple printer models as affected. The list includes brands such as Afico, Brother, Canon, Epson, HP, Lexmark, Konica Minolta, Oki, and Samsung.
Stackoverflowin told Bleeping Computer that his script targets printing devices that have IPP (Internet Printing Protocol) ports, LPD (Line Printer Daemon) ports, and port 9100 left open to external connections.
The script also includes an exploit that uses a remote code execution vulnerability to target Dell Xeon printers. "This allowed me to inject PostScript and invoke rouge[sic] jobs," Stackoverflowin told Bleeping about the RCE vulnerability's role.
(Score: 2) by ikanreed on Monday February 06 2017, @05:12PM
Yeah, I guess, but can we also report on the serious cringe flaw of a person using the word "pwned"?
It's indicative of something far more nefarious: an entire generation not realizing that their slang is completely out of date and kinda uncomfortable to read.
(Score: 2) by shipofgold on Monday February 06 2017, @05:46PM
OK, I'll bite...what's a better word?
For me, 'pwned' gave the right connotation of the incident.
(Score: 0) by Anonymous Coward on Monday February 06 2017, @10:42PM
p0wned.
(Score: 2) by art guerrilla on Monday February 06 2017, @11:26PM
after pwned would come pawned...