Over the course of the past week, over 150,000 printers suddenly became active without their owners’ knowledge and began printing strange messages (among them “YOUR PRINTER HAS BEEN PWND’D”) as well as images of robots.
The stunt was instigated by a hacker going by the name “stackoverflowin.” The purpose of the mass hack was benign, a way of telling under-informed users that their printers are vulnerable to attack and that it might be time to take steps to prevent that. The vulnerability takes the form of leaving port 9100 open to external connections.
Some of the messages referenced Russian President Vladimir Putin’s much-publicized hacks on U.S. political figures during the 2016 election. Among them were the following:
stackoverflowin has returned to his glory, your printer is part of a botnet, the god has returned, everyone likes a meme, fix your bullsh*t.
stackoverflowin the hacker god has returned, your printer is part of a flaming botnet, operating on putin’s forehead utilising BTI’s (break the internet) complete infrastructure.
stackoverflowin/stack the almighty, hacker god has returned to his throne, as the greatest memegod. Your printer is part of a flaming botnet.
As stated in the messages, stackoverflowin used a “flaming botnet,” meaning a form of hack that forces a computer to forward transmissions to another computer without the owner’s knowledge.
Last week Jens Müller, Juraj Somorovsky, and Vladislav Mladenov went public with an advisory message about printers’ vulnerability to hacks, listing the many models that were affected. It seems that virtually all well-known printer brands are vulnerable, including HP, Epson, Canon, Afico, Konica Minolta, Brother, Samsung, and Oki.
Evidence of the hacks naturally made their way to Twitter:
Via The Daily Dot