Millions of printers open to devastating hack attack, researchers say

hawki · Nov 29, 2011

Millions of printers open to devastating hack attack, researchers say

Could a hacker from half-way around the planet control your printer and give it instructions so frantic that it could eventually catch fire? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or even take control of entire networks that would otherwise be secure?

It’s not only possible, but likely, say researchers at Columbia University, who claim they've discovered a new class of computer security flaws that could impact millions of businesses, consumers, and even government agencies.

Printers can be remotely controlled by computer criminals over the Internet, with the potential to steal personal information, attack otherwise secure networks and even cause physical damage, the researchers argue in a vulnerability warning first reported by msnbc.com. They say there's no easy fix for the flaw they’ve identified in some Hewlett-Packard LaserJet printer lines – and perhaps on other firms’ printers, too – and there's no way to tell if hackers have already exploited it.

The researchers, who have working quietly for months in an electronics lab under a series of government and industry grants, described the flaw in a private briefing for federal agencies two weeks ago. They told Hewlett-Packard about it last week.
Click to expand...

Full Story Here:

http://redtape.msnbc.msn.com/_news/...en-to-devastating-hack-attack-researchers-say

hawki · Nov 29, 2011

HP LaserJet printers at risk of fiery hacker attack

Researchers at Columbia University claim to have discovered a security vulnerability in "tens of millions" of HP LaserJet printers that could allow a remote hacker to install malicious firmware.

In a demonstration of the physical damage that could be done by the hack, Columbia researchers Professor Salvatore Stolfo and Ang Cui showed how a compromised PC could tell a hacked printer to continually heat up a component, eventually causing paper to turn brown and smoke.

In that demonstration, a thermal switch shut the printer down - basically, causing it to self-destruct - before a fire started, but the researchers believe other printers might be used as fire starters, giving computer hackers a dangerous new tool that could allow simple computer code to wreak real-world havoc.

In another demonstration, Cui showed how printing a tax return on a compromised printer could lead to the information being sent to a second computer under the control of a hacker. The second PC then scanned the document for sensitive data and published it to a Twitter feed.

How would a printer be compromised? The most obvious way would be by tricking a computer user into printing a booby-trapped document, but if a printer is configured to accept jobs via the internet then the firmware could be updated with a malicious version remotely, without the printer's owner necessarily realising.

According to the researchers, Hewlett Packard's LaserJet printers check to see if a firmware upgrade is included in the data being sent to them everytime they receive a print job.

But, crucially, the printers do not look for a digital signature to verify the firmware update's authenticity opening the door for attackers to install malicious code onto the devices.

According to MSNBC, who broke news of the vulnerability, HP claims that since 2009 their LaserJet printers have required digitally signed firmware updates and the researchers must have used older models.

The researchers, however, maintain that they bought one of the hacked printers in September at a major office supply store in New York City.

Regardless of whether HP is right that newer LaserJet printers are protected against the vulnerability or not, it's clear that there may be many devices which are potentially at risk of attack.

HP says it is currently investigating the issue and that it is too early to say which products are affected or what consumers should do about it.
Click to expand...

http://nakedsecurity.sophos.com/201...Feed: nakedsecurity (Naked Security - Sophos)

Hungry Man · Nov 29, 2011

Too early to say. I use an HP Printer though lol it's off 99% of the month since I rarely have to print anymore.

ronjor · Nov 29, 2011

HP Refutes Inaccurate Claims; Clarifies on Printer Security

PALO ALTO, Calif., Nov. 29, 2011

HP today issued the following statement:

Today there has been sensational and inaccurate reporting regarding a potential security vulnerability with some HP LaserJet printers. No customer has reported unauthorized access. Speculation regarding potential for devices to catch fire due to a firmware change is false.

HP LaserJet printers have a hardware element called a “thermal breaker” that is designed to prevent the fuser from overheating or causing a fire. It cannot be overcome by a firmware change or this proposed vulnerability.
Click to expand...

http://www.hp.com/hpinfo/newsroom/press/2011/111129b.html

cm1971 · Nov 29, 2011

Thanks for the info. I passed it along to some people I know. It makes me not regret not having a printer for a while.

siljaline · Nov 30, 2011

The latest from Sophos

Smoke and fire certainly make good hacking headlines.

Charlie Miller got advance publicity by the wheelbarrowful for his 2011 Black Hat talk - he showed how the embedded microcontroller in Macbook batteries works - by sneaking the words overcharging or fire into his abstract And recent claims that a hacker broke into a US water treatment plant and burned out a pump by repeatedly turning it on and off made headlines worldwide.
Click to expand...

Full story

CloneRanger · Dec 1, 2011

A very quick search with this inurl:hp/device/this.LCDispatcher pulled up Numerous hits. I only tried it with one, & was able to view all sorts of info But as surprising as that was, check these

Ooops !

Meriadoc · Dec 1, 2011

heh killer poke.

MrBrian · Dec 8, 2011

HP Facing Class Action Suit For Not Disclosing Printer Vulnerability

ronjor · Dec 23, 2011

HP LaserJet Firmware Update Now Available

PALO ALTO, Calif., Dec. 23, 2011

On Nov. 29, HP announced that the potential existed for a certain type of unauthorized access to some HP LaserJet printers and confirmed it has received no customer reports of unauthorized access. HP today issued the following statement:

HP has built a firmware update to mitigate this issue and is communicating this proactively to customers and partners. No customer has reported unauthorized access to HP. HP reiterates its recommendation to follow best practices for securing devices by placing printers behind a firewall and, where possible, disabling remote firmware upload on exposed printers.
Click to expand...

http://www.hp.com/hpinfo/newsroom/press/2011/111223xa.html

Rilla927 · Dec 23, 2011

This is scary!

siljaline · Jan 10, 2012

HP sneaks out firmware security fix

HP has quietly patched a serious security vulnerability that had left its LaserJet printers open to attack by net villains. The security bug first discovered by researchers at Columbia University, created a means for miscreants to install malware on vulnerable devices simply by uploading new firmware to them over a network or tricking users into printing a specially constructed document that installs a malicious firmware update.

The flaw, which stemmed from a failure to ensure firmware updates are digitally signed, could allow hackers to extract files previously printed or scanned by compromised devices, or launch attacks from hacked gear against more sensitive machines from within a corporate network.
Click to expand...

Article

Ranget · Jan 10, 2012

hehe we have to Update our hardware Too nowdays

Internet is being more expensive than it used to be

Log in or Sign up

Millions of printers open to devastating hack attack, researchers say

hawki Registered Member

hawki Registered Member

Hungry Man Registered Member

ronjor Global Moderator

cm1971 Registered Member

siljaline Registered Member

CloneRanger Registered Member

Meriadoc Registered Member

MrBrian Registered Member

ronjor Global Moderator

Rilla927 Registered Member

siljaline Registered Member

Ranget Registered Member

Log in or Sign up

Millions of printers open to devastating hack attack, researchers say

hawki Registered Member

hawki Registered Member

Hungry Man Registered Member

ronjor Global Moderator

cm1971 Registered Member

siljaline Registered Member

CloneRanger Registered Member

Meriadoc Registered Member

MrBrian Registered Member

ronjor Global Moderator

Rilla927 Registered Member

siljaline Registered Member

Ranget Registered Member

Useful Searches