News

Teen Hacker Demonstrates Exactly Why IoT Printers Are Stupid

What do you do when you are a bored, pissed off high-school student from the UK in front of his computer with rootkit coding skills and access to over hundreds of thousands of internet-connected “IoT” printers across the world? Well, overtake these printers to teach everyone a lesson on how stupid having everything connected to the internet is of course.  This is what hacker “Stackoverflowin” did exactly in one Saturday night in February 2017. Within a matter of hours using a simple code written in C, over 150,000 IoT devices across the world printed out ASCII art and messages claiming that the machine is “now part of a flaming botnet”.

While many of these printers are used in offices and schools, they were also being used in restaurant point-of-sale systems so a slight panic ensued and left employees wondering what should be done regarding the message. There was of course nothing to do as the message from the hacker was just a simple cautionary tale told with a modern IoT twist and there was in fact no such thing as being part of a “flaming botnet” as technically, being an IoT device, they already were exposing themselves out in the open to attacks.

VICE magazine has reached out to Stockoverflowin via Richochet anonymous instant messaging app and he confirmed that he used a remote code execution to send raw print jobs exploiting Xerox’s web control panels. It was so easy, it barely even qualifies as a ‘hack’. As a safety suggestion, he adds that aside from taking printers out of the public internet, companies should be doing something as simple as whitelisting IPs/IP subnets if connecting to the internet is necessary. Although this specific attack was actually quite innocuous and harmless, other attacks just from 2017 are not quite so with IoT printers in University of California, Berkeley actually hacked to print anti-semitic fliers earlier last month. Other American universities such as Stanford and Vanderbult reported similar attacks to their printing services as well.

IoT itself has been pushed by many tech companies and has become quite a buzzword, with the last two Consumer Electronics Show, centered almost entirely around IoT technology. It has been a strong marketing tool but as hacker Stackoverflowing pointed out succintly, it is somewhat irresponsible to leave everything out in the open when it is unnecessary. While it is undeniable that IoT is the future, it behooves everyone involved to be much more security-aware due to the nature of IoT’s accessibility.

Ron Perillo

Disqus Comments Loading...

Recent Posts

Plaion Launches Retro ZX Spectrum Computer

Plaion, a leading video game publisher, and Retro Games Ltd., a specialist in reimagined classic…

2 days ago

NVIDIA Warns of GeForce RTX 40 Graphics Card Shortages in November and December

During the latest earnings call, NVIDIA CFO Colette Kress warned of a potential GPU supply…

2 days ago

GeForce RTX 5090, RTX 5080, RTX 5070 Ti, and RTX 5070 Reportedly Coming in Q1 2025

Chinese sources say the GeForce RTX 5090, RTX 5080, RTX 5070 Ti, and RTX 5070…

2 days ago

GTA 6 Already Winning Awards Before Its Launch

GTA 6 doesn’t have an official release date yet, but it has already earned a…

2 days ago

DJI Osmo Mobile 6, 3-Axis Phone Gimbal

Stay on Point with ActiveTrack 6.0 - With upgraded tracking tech, OM 6 sticks to…

2 days ago

Drayton Wiser Smart Radiator Thermostat TRV

Pack includes three Wiser Radiator Thermostats. These smart radiator thermostats are only designed to work…

2 days ago