Danger of “hijacking” printers revealed

Bleeping Computer: Tens of thousands of printers can be hacked through an open TCP port

Tens of thousands of printers can be hacked remotely, exploiting the ignorance of users. This is reported by the Bleeping Computer.

Methods for hacking a large number of printers have been uncovered by Italian security experts Giampaolo Bella and Pietro Biondi. The authors of the material noticed that a huge amount of office equipment can be connected remotely in the case of an open TCP port. In such a scenario, an attacker can “hijack” the printer and use it at his own discretion.

By connecting to the equipment through the public TCP port 9100, the hacker can use the device to carry out DDoS attacks. An attacker can also sabotage an organization by hacking multiple printers at the same time and starting printing. In addition, there is a danger of further hacking of the system and theft of personal data.

Using special software, experts scanned the network space of European countries to find IP addresses that can be connected to remotely. The authors found tens of thousands of devices with an open port 9100: about 13 thousand in Germany, almost 10 thousand in Russia, more than 6 thousand in the UK and France.

In November, Microsoft acknowledged problems with printers. The problems were explained by the release of Windows updates, in particular, updates KB5006674 for Windows 11 and KB5006670 for Windows 10.