Researchers Say Popular Printers Subject to Hacking, Captured Print Jobs, Physical Printer Damage

Researchers at Ruhr University Bochum in Germany say they’re discovered security vulnerabilities in some 20 popular brand-name network printers, including Brother International, Dell, HP Inc., Lexmark International, Samsung, and others.

Jens Müller and two other researchers at Ruhr University Bochum wrote about their findings – which they researched for about a year – this week in a blog post.

The researchers state that before performing attacks on the some 20 printers, they of course installed the newest firmware on each printer. They state that the “results of our evaluation show that we could find multiple attacks against each printer. For example, simple DoS (denial of service) attacks with malicious PostScript files containing infinite loops are applicable to each printer. Only the HP LaserJet M2727nf had a watchdog mechanism and restarted itself after about 10 minutes. Physical damage could be caused to about half of the tested device within 24 hours of NVRAM stressing. For a majority of devices, print jobs could be manipulated or captured.” The researchers state that physical damage can include physically destroying the printer.

Other attacks might involve hacking of the printer’s page description language, and enabling permanent modifications that could lead to attacks involving manipulating users’ print jobs – such, as for instance, overlaying objectionable graphics or photos to be printed, or even to replace text in print jobs “by redefining the ‘showpage’ and ‘show’ PostScript operators.”

The researchers released a Wiki page and an open-source toolkit, which can be used to either take advantage of the security flaws or test if a printer is vulnerable.

The chart below summarizes the researchers’ findings:

As can be seen, with several printers, print-jobs can potentially be obtained as they’re being sent to the printer; printers can potentially be re-set to their factory defaults’ and, in some case, hackers could obtain an enterprise’s network credentials in order to gain considerable access into the organization.

The research team importantly notes that, because of financial obstacles,” it selected printers obtained from various university chairs and facilities,” seeking to obtain “”at least one model for each of the top ten manufacturers, we practically took what we could get.”

Complete results of the researchers’ findings are available here.

More Resources

%d bloggers like this: