Skip to main content

Hacker takes over thousands of Printers; sends alerts to users

The hacker did it in a good faith and also informed HP about the vulnerability.

A critical vulnerability in printers has led to the hacking of thousands of printing devices not at just one location or city but across the globe. Reportedly, the flaw was exploited by a hacker called Stackoverflowin, who managed to hack 150,000 printers at a global level.
The hacking spree seems to be the hacker’s way to inform the world regarding the vulnerable nature of printers because as per his findings the Internet-connected printers are functioning without any firewall protection. This is the main reason why almost any hacker can exploit them, said the hacker.

“People have done this in the past and sent racist flyers, etc. I’m not about that, I’m about helping people to fix their problem, but having a bit of fun at the same time ;) Everyone’s been cool about it and thanked me, to be honest,” claimed the hacker.

To prove his point, Stackoverflowin used an automated script and scanned the web for identifying printing devices containing open port 9100, Internet Printing Protocol (IPP) and Line Printer Daemon (LPD). Once he was successful in finding such devices, he immediately issued a command to the devices for carrying out rogue printing jobs. It is worth noting that the automated script was written by Stackoverflowin as well.
The hacker also issued warning messages to the users of targeted printers. Some of the messages notified the recipient that the printer has been “Pwned” and that the device has now become a part of the “flaming botnet.” The users were asked in one of the messages to close the port. There were two different messages sent by the hacker; the first one showed ASCII art on a robot while the other showed ASCII art with a computer.






Naturally, users feel amused and confused, and many of them had no idea what to do. The problem was a lot more severe to handle because the flaw made printers from all existing brands including HP, Epson, Canon, Brother, Konica Minolta and Samsung vulnerable. All in all, 150,000 printers were hacked.

Comments

Popular posts from this blog

ES6 Arrow Function Cheatsheet

Dưới đây là một số cách để bạn có thể viết arrow functions trong ES6 . // Explicit Return, Multi-Line a => { return a } // Explicit Return, Single-Line a => { return a } // Implicit Return, Multi-line a => ( a ) // Implicit Return, Single-Line a => a // Multiple Parameters, Parentheses Required (a, b) => a, b Implicit vs Explicit Return Mỗi chúng ta có một cách viết arrow functions khác nhau. Với normal functions , nếu bạn muốn return 1 cái gì đó, bạn sẽ dùng từ khóa return . Arrow functions cũng như vậy. Khi bạn dùng từ khóa return , nó sẽ gọi là ` explicit return `. Hãy thử coi các ví dụ sau: Có thể nhận rõ ràng sự khác biệt. Khi nào thì dùng dấu ngoặc nhọn` {} `, bạn cần phải chính xác cái mà return ra. Tuy nhiên, nếu không dùng ` {} `, return sẽ là bao hàm, và bạn không cần chúng. Có một cách gọi tên cho việc đó. Khi bạn sử dụng dấu ngoặc nhọn như ở Example B thì nó gọi là ` block body `, và cú pháp ở Example C gọi là ` concise body `....

Content Injection Vulnerability in WordPress

Content Injection Vulnerability in WordPress As part of a vulnerability research project for our Sucuri Firewall (WAF) , we have been auditing multiple open source projects looking for security issues. While working on WordPress, we discovered was a severe content injection (privilege escalation) vulnerability affecting the REST API. This vulnerability allows an unauthenticated user to modify the content of any post or page within a WordPress site. We disclosed the vulnerability to the WordPress Security Team who handled it extremely well. They worked closely with us to coordinate the disclosure timeline and get as many hosts and security providers aware and patched before this became public. A fix for this was silently included on version 4.7.2 along with other less severe issues. This was done intentionally to give everyone time to patch. We are now disclosing the details because we feel there has been enough time for most WordPress users to update their sites. Ar...

Python cheatsheet for beginner

View on Github Recommended Tutorials Learn Python | CodeAcademy Progate Python Classes Video Tutorial for absolute beginners | YouTube Intro to Python | Udacity Python For Everybody Write Better Python Functions Learning Python: From Zero to Hero Automate the Boring Stuff with Python  - Recommended The New Boston Python | Youtube Think Python 2e - Green Tea Press A Byte of Python Project Euler A Whirlwind Tour of Python Python Data Science Handbook Python Class By Google  - Recommended Intro to Python for Data Science Python 3 for humans that want practical project exposure Learn Python the Hard Way Django - Python Try Django | YouTube Django Docs Django Girls MDN Web Docs SimpleIsBetterThanComplex Blog Tango With Django Book Django Class-Based Views The Algorithms Python Flask - Python The Flask Mega Tutorial Writing shorthand statements in python Python is having shorthand statements and shorthand operators. These thin...