Some printers just can’t help themselves: They’ve started printing out messages in support of their favorite YouTube star – PewDiePie, a Swedish comedian and video game commentator – in the battle to be the top YouTube channel against the up and coming Indian T-Series. What started as a 30 minute hack has gone global with new instances of PewDiePie support messages being printed out in Argentina, Australia, Chile, Spain, the UK, and the USA. An estimated 100,000 support messages have been printed.
Can your printer be Rick Rolled?
What started out as a 30 minute hack by TheHackerGiraffe has been repeated several times by other parties. And, as shown below, the latest messages are more than a simple support message for PewDiePie, they have a public service angle by emphasizing the printer vulnerabilities.
Security experts have pointed out that owners of the vulnerable printers could also have printed messages getting intercepted, hacked and even the printer’s computer chip getting damaged.
This is not a laughing matter
Laughter aside, the hack of thousands of printers – in homes, businesses, even police stations – to print out support messages for PewDiePie is a clear warning that something worse could happen to you and that shiny new printer that is just waiting to be unwrapped and plugged in.
“People underestimate how easy a malicious hacker could have used a vulnerability like this to cause major havoc,” TheHackerGiraffe said to the Verge. “The most horrifying part is: I never considered hacking printers before, the whole learning, downloading and scripting process took no more than 30 minutes.”
A professional opinion (anonymously, of course)
For a professional take-down of the situation, I talked to developers of print management software for modern Multi-Functional Printers for their take on the situation. These MFPs are devices in a modern office that do everything from printing/scanning/and forwarding documents. Understandably, these individuals did not want their names or the name of their software publicized.
Here are four major points they said people should remember:
- Your printer is a computer. People forget that the modern printer is much more than the dot matrix device of their childhood. It is an online computer with software and can be hacked.
- Don’t connect your printer directly to the internet. Sure, you can plug your computer directly to the internet. But you really don’t want to.
- Get that printer behind a firewall. You really want to have your computer behind a firewall which limits the communication coming in and out.
- Change that port. By default, your printer is probably set up to get documents via port 9100. Sure, this open network post is useful in making printers plug-and-play devices. It also makes it easier – as the YouTube battle has shown – to have unprotected devices print out hacker messages. If it is possible, consider changing this port.
In the professional environment – whether school or business – the responsibility for fixing this printer vulnerability rests squarely on the network admin’s shoulders. And if it is a home printer – the responsibility is yours.