{"id":24842,"date":"2018-12-05T12:05:55","date_gmt":"2018-12-05T17:05:55","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=24842"},"modified":"2019-11-15T06:31:05","modified_gmt":"2019-11-15T11:31:05","slug":"hacked-printer-pewdiepie","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/hacked-printer-pewdiepie\/24842\/","title":{"rendered":"Printers gone mad"},"content":{"rendered":"<p>One quiet evening, you suddenly hear a sound. It\u2019s the printer in the next room, and it\u2019s furiously printing something no one requested. You take a look and see that it\u2019s printed a leaflet urging you to subscribe to a well-known YouTube channel.<\/p>\n<p>A few hours later, the printer suddenly spits out an ad from a company promising to advertise goods through printers, and then starts incessantly printing all kinds of gobbledygook, mostly of extremely dubious content. What the hell is going on? Your printer\u2019s been hacked, that\u2019s what. And not only yours.<\/p>\n<h2>Printers like PewDiePie<\/h2>\n<p>The above case is real, and quite recent: Last week <a href=\"https:\/\/www.theverge.com\/2018\/11\/30\/18119576\/pewdiepie-printer-hack-t-series-youtube\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">50,000 printers worldwide suddenly became fans of PewDiePie<\/a>, the youtuber in question. One of them was even a receipt printer at a police station, which probably raised a few eyebrows.<\/p>\n<p>Here\u2019s how it happened: Somewhere, a hacker was bored \u2014 and a bored hacker means trouble. It seems he had just spent four hours playing Destiny\u00a02 nonstop. If you\u2019ve ever played this game, you can imagine his frame of mind. 
After Destiny\u00a02-ing, he was itching to hack something, and with that in mind, he logged into Shodan, a service that allows you <a href=\"https:\/\/www.kaspersky.com\/blog\/shodan-censys\/11430\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">to search for Internet-connected devices<\/a>, also known as the world\u2019s first search engine for the <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/internet-of-things\/?utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=termin-explanation\" target=\"_blank\" rel=\"noopener noreferrer\">Internet of Things<\/a>.<\/p>\n<p>The hacker decided that he would target printers and get them to print something funny (in his opinion), and so that\u2019s what he did. According to the hacker (who told the whole story himself on Twitter, where his handle is <a href=\"https:\/\/twitter.com\/HackerGiraffe\/status\/1068714506770149376\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">@HackerGiraffe<\/a>), he skimmed through the available information on printer protocols and the corresponding ports, and then looked for the ports on Shodan. There, he discovered more than 800,000 devices online with these ports open. He selected the first 50,000.<\/p>\n<p>He decided it would be funny to print a leaflet in support of famous vlogger PewDiePie, whose YouTube channel is in a battle with another channel, T-Series, for the title of most popular in the world. The message urged recipients to subscribe to PewDiePie and unsubscribe from T-Series.<\/p>\n<p>In the wilds of the Internet, the hacker found a program for hacking printers, wrote a simple script to run the hacking tool and send a command to the printers to print the leaflet, and then executed the script. 
As a result, 50,000 printers worldwide churned out the following:<\/p>\n<p>https:\/\/twitter.com\/TFGHighlights\/status\/1067472069850390529<\/p>\n<h3>Partisan printer marketing<\/h3>\n<p>Such news could hardly be missed by the media \u2014 and soon millions of people around the world knew that hundreds of thousands of printers were hijackable.<\/p>\n<p>They included some enterprising minds, who promptly set up an <a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/zmdy7y\/someone-is-selling-mass-print-hijacking-hacking-service\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">agency offering to print ads on other people\u2019s printers<\/a> \u2014 apparently using the same method employed by @HackerGiraffe, after he kindly tweeted how to do it.<\/p>\n<p>To illustrate the service, information about the agency was disseminated through the same printers as before (the owners of which must have been delighted, especially the police station). The advertising brochures dropping into the printer trays boasted that the agency could hack absolutely any printer in the world. That\u2019s probably a slight exaggeration: If they use the very technique described by @HackerGiraffe, they can reach only network printers.<\/p>\n<h3>A brief history of printer attacks<\/h3>\n<p>In fact, attacks on printers are nothing new, and it is somewhat surprising that the idea has only recently entered the mainstream. Back in the fax age, for example, fax spam was popular with all kinds of mischief-makers eager to distribute ads and other materials by fax. 
In 1991, a law was passed in the US to prohibit the practice, which also coincided with a general decline in faxes worldwide (although you won\u2019t believe <a href=\"https:\/\/www.kaspersky.com\/blog\/fax-fun-facts\/23716\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">in which country they are still alive and kicking<\/a>!).<\/p>\n<p>Speaking of printers, in 2008 researcher Aaron Weaver <a href=\"http:\/\/aaron.weaver2.googlepages.com\/CrossSitePrinting.pdf\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">published an article<\/a> describing how a Web page can be created for launching print jobs on any visitor\u2019s printer. There have also been cases of mass attacks on printers \u2014 for example, in 2016 a hacker <a href=\"https:\/\/www.timesofisrael.com\/white-supremacist-claims-swastika-printing-hack-at-us-colleges\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">hacked network printers<\/a> at more than a dozen US colleges and printed racist leaflets on them.<\/p>\n<h3>How to prevent your printer from going postal<\/h3>\n<p>Most users probably don\u2019t need their printer to be hooked up to the Internet. And only network printers can be hacked using the method described above, so it is better simply to disconnect your printer from the Internet; it will still be accessible through the local network.<\/p>\n<ul>\n<li>Disable any printer settings that involve printing over the Internet.<\/li>\n<li>Change your username and password (if your printer uses login credentials); never keep the default values.<\/li>\n<li>Close router ports 9100, 515, and 721\u2013731. See your router\u2019s user manual to find out how.<\/li>\n<li>Turn off your printer when it\u2019s not in use.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>50,000 printers worldwide suddenly printed a leaflet in support of youtuber PewDiePie.
How can you protect your printer from hackers?<\/p>\n","protected":false},"author":675,"featured_media":24843,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2683],"tags":[82,658,794,3093,1460],"class_list":{"0":"post-24842","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-hacking","10":"tag-internet-of-things","11":"tag-iot","12":"tag-printer","13":"tag-shodan"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/hacked-printer-pewdiepie\/24842\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/hacked-printer-pewdiepie\/14752\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/hacked-printer-pewdiepie\/12356\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/hacked-printer-pewdiepie\/16668\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/hacked-printer-pewdiepie\/14859\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/hacked-printer-pewdiepie\/13843\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/hacked-printer-pewdiepie\/17475\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/hacked-printer-pewdiepie\/16684\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/hacked-printer-pewdiepie\/21829\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/hacked-printer-pewdiepie\/5479\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/hacked-printer-pewdiepie\/11165\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/hacked-printer-pewdiepie\/10122\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/hacked-printer-pewdiepie\/18236\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/hacked-printer-pewdiepie\/22114\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\
/hacked-printer-pewdiepie\/17717\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/hacked-printer-pewdiepie\/21601\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/hacked-printer-pewdiepie\/21599\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/internet-of-things\/","name":"Internet of things"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24842","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/675"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=24842"}],"version-history":[{"count":6,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24842\/revisions"}],"predecessor-version":[{"id":29576,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24842\/revisions\/29576"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/24843"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=24842"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=24842"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=24842"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}