HomeUpdateItalian threat actors manifested why we should not trust our printers

Italian threat actors manifested why we should not trust our printers

-

Last Updated on 29/11/2021 by Nidhi Khandelwal

A group of Italian academics has put together a set of three attacks known as ‘Printjack,’ which warns users of the dangers of trusting their printer too much.

The attacks involve building DDoS swarms with printers, imposing a paper DoS state, and committing data breaches.

Italian threat actors manifested why we should not trust our printers 1

Modern printers, according to the experts, are still vulnerable to basic weaknesses and lag behind other IoT and electrical devices that are beginning to comply with cybersecurity and data privacy rules.

This lack of built-in security is especially concerning given the widespread use of printers in critical environments, businesses, and organisations of all sorts.

Locating printers that can be exploited, Shodan was used to scan European countries for machines having a publicly available TCP port 9100, which is frequently used for raw TCP/IP printing jobs, according to a study titled ‘You Overtrust Your Printer’ by Giampaolo Bella and Pietro Biondi.

Italian threat actors manifested why we should not trust our printers 2

Thousands of IPs responded to the port query in this search, with Germany, Russia, France, the Netherlands, and the United Kingdom having the most exposed devices.

The first sort of Printjack assault is to use the printer as part of a DDoS swarm, which threat actors can execute by using a publicly available PoC to exploit a known RCE vulnerability.

The researchers offer CVE-2014-3741 as an example, but point out that the MITRE database has at least a dozen other vulnerabilities.

Given that there are 50,000 vulnerable devices in the top 10 EU countries alone, recruiting them for DDoS assaults isn’t out of the question.

Nidhi Khandelwal
Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.
- Advertisment -

Must Read

edge-ai

Challenges and Opportunities in Deploying AI Solutions in Edge Computing Environments

0
Edge AI is a ground-breaking new paradigm that has the potential to completely change how companies run. Organizations can seize new chances for creativity,...