The story of how one attacker forced thousands of printers around the world to print flyers with a swastika



    Information security experts have long warned that many millions of electronic devices connected to the Network are vulnerable to hacking. This applies to the vast majority of IoT gadgets, manufacturers of which are more worried about the design of their devices than about the safety of users of these devices.

    And the other day, a single attacker was able to prove what they had only said before. The hacker didn’t use any particularly complicated devices or software for his work, but he managed to send home-made leaflets to thousands of printers around the world to print. The leaflets themselves will not be discussed due to their contents (swastika, racism, etc.).

    The first step in this whole story was to collect information - namely, IP connected to the Network devices from North America and Australia with an open port 9100. This can be done simply with the service Shodan or   masscan . And then everything is completely simple - we print any material with a special PostScript file.

    #! / bin / bash
    for i in `cat printers`
    do
    cat payload.ps | netcat -q 0 $ i 9100
    done


    The script for distribution consists of just a few lines (plus another file with previously collected IP addresses). Plus, the attacker used the line while true; do killall --older-than 1m netcat; sleep 1; done to remove hung connections.



    The leaflet was sent “to print” on more than 30 thousand devices. True, not all such gadgets were printers.

    The fact that the action was successful, the hacker (Andrew Orenheimer (Andrew Auernheimer), who is also known under the nickname weev) already learned from the messages on Twitter.







    As it turned out, leaflets printed printers installed in many organizations, but especially many of them turned out to be printed in American universities.

    Many users in the same Twitter said that now they are going to contact information security specialists so that this does not happen again. But the hacker is not discouraged, and is going to hold a second action in Europe, and then, maybe, again in Australia and North America.

    Interestingly, a few days later the same printers printed more leaflets - this time with anti-LGBT calls. But Orenheimer is seemingly not involved in this (in his own words).

    Also popular now: