Last Updated on 29/11/2021 by Nidhi Khandelwal
A group of Italian academics has put together a set of three attacks known as ‘Printjack,’ which warns users of the dangers of trusting their printer too much.
The attacks involve building DDoS swarms with printers, imposing a paper DoS state, and committing data breaches.
Modern printers, according to the experts, are still vulnerable to basic weaknesses and lag behind other IoT and electrical devices that are beginning to comply with cybersecurity and data privacy rules.
This lack of built-in security is especially concerning given the widespread use of printers in critical environments, businesses, and organisations of all sorts.
Locating printers that can be exploited, Shodan was used to scan European countries for machines having a publicly available TCP port 9100, which is frequently used for raw TCP/IP printing jobs, according to a study titled ‘You Overtrust Your Printer’ by Giampaolo Bella and Pietro Biondi.
Thousands of IPs responded to the port query in this search, with Germany, Russia, France, the Netherlands, and the United Kingdom having the most exposed devices.
The first sort of Printjack assault is to use the printer as part of a DDoS swarm, which threat actors can execute by using a publicly available PoC to exploit a known RCE vulnerability.
The researchers offer CVE-2014-3741 as an example, but point out that the MITRE database has at least a dozen other vulnerabilities.
Given that there are 50,000 vulnerable devices in the top 10 EU countries alone, recruiting them for DDoS assaults isn’t out of the question.