CyberNews experts spoke about their recent experiment on the insecurity of IoT devices, during which researchers hacked 28000 printers.
It should be noted that many information security specialists have already condemned the CyberNews team because of the unethical mode of their tests.In order to help as many people as possible secure their devices against potential cyberattacks, the CyberNews security team accessed 27,944 printers around the world and forced the hijacked devices to print out a short 5-step guide on how to secure a printer, with a link to a more detailed version of the guide on our website”, — say CyberNews representatives.
Researchers say they used the Shodan search engine to identify more than 800,000 printers with network printing enabled on the Internet, with about 447,000 unprotected from attacks.
To conduct the experiment, the researchers selected 50,000 random devices from 800,000 available printers, which they tried to access (using an automated script) and force them to print a security manual.
As a result, experts reported that they had compromised 27,944 printers out of 50,000 (that is, 56% of attacks were successful), having printed leaflets on them with a warning about insecurity. Based on this figure, researchers estimate that of the 800,000 printers connected to the Internet, at least 447,000 are unsecured.
We created our own custom script that was specifically designed to target only the printing process, without gaining access to any other features or data stored on the printers”, — argue CyberNews specialists.
It should be noted that the massive compromise of vulnerable printers for the sake of printing some kind of propaganda or very dubious pranks is not new. For example, in 2016, the famous black hat Andrew Auernnheimer, also known as Weev, similarly compromised tens of thousands of printers and forced them to print anti-Semitic leaflets.
Another similar incident occurred in 2017, when an unknown attacker forced 150,000 printers to print messages with ASCII graphics. In 2018, a hacker hiding under the nickname TheHackerGiraffe hacked into about 50,000 printers, printing flyers that were urging people to subscribe to the YouTube channel PewDiePie.
We have earlier told that The PrintDemon vulnerability is dangerous for all versions of Windows released after 1996.
