Printer malware: print a malicious document, expose your whole LAN

Discuss

28 Responses to “Printer malware: print a malicious document, expose your whole LAN”

  1. Lobster says:

    I wonder how many more years until that old chain letter, where some new insidious virus infects everything from your graphics card to your monitor cable, becomes true.

    • awjt says:

      Then it kills your dog.  This is possible now, because the HP printer will spin its wheels to make itself whine like a cat, attracting the dog.  When the dog is nearby, the printer then self-immolates, thus taking out the dog.

  2. semiotix says:

    If you’d asked me to describe a printer-based virus before seeing this, I’d have imagined something that lived on your hard drive, scanned your network e-mail traffic for certain keywords, and then printed this document on the printer in your Accounts Payable department:

    INTERNAL MEMORANDUM
    FROM: [$CEO_NAME]
    TO: [$ACCOUNTS_PAYABLE_NAME]
    SUBJ: Urgent billing matter

    It has come to my attention that we are delinquent in our debt to HRH Josef Abbadiah of the Nigerian Royal Family. I expect you to wire the full $10,000 USD to his Western Union account immediately. And don’t even remind me of your incompetence in this matter ever again, or so help me I’ll fire you and give your job to that schmuck [$OFFICE_SCHMUCK.ACCTS_PAY] just to spite you.

    Of course, that’d be the slick commercialized version. There would also be the regular old griefer versions that just made every document end with “P.S. You know what would be fun? Throwing a bucket of water on the server stack! You should totally do that!”

  3. Rob Knop says:

    HP does have firmware update software for my printer.  However, the installation instructions indicate it’s for Windows only.

    For those of us who have no Windows in our house (or Mac), can it be done?  Does anybody know if there are general firmware flashing utilities for HP printers out there that aren’t dependent on running them from a Windows machine?

  4. digi_owl says:

    Yay for turing complete languages everywhere…

  5. Cowicide says:

    I’ve always hated HP printers.  Many of them over the years have been a nightmare to share over a network with Macs.

    I’d like to pile them all into the middle of a football field within a packed stadium, then send the burn-in-a-fire command for all of them to the roar of the cheering crowd screaming, “Burn! You son of a bitches! Burn!!!”

    • awjt says:

      I started hating them when the 4000s stopped printing certain pdfs, right when the 4050s came out.  It did get fixed about two months later, but I spent hours troubleshooting this, not knowing which way was up.  It was them all along, just being sleazy.

  6. GeekMan says:

    It’s also just as easy to show up at the door dressed as the company’s technology provider and offer them a free printer, an exploit that’s been tested by security firms. It all shows that we don’t really hack machines so much as we hack people.

    Scary, but makes good LULz:

    http://drmcninja.com/archives/comic/20p52/

  7. no0ne says:

    Why does this set of attacks surprise anybody?   Any network device is vulnerable in one fashion or another.    It is why putting your whole house on-line is bad idea.   

    That having been said, you don’t need to hack the printer itself to cause chaos.    Imagine what happens if a computer in finance gets infected and starts printing the payroll or personnel files db  to random printers in the company.

  8. MrHarley says:

    So this is only for some HP LaserJet printers right? Not all HP printers?

    • patricktr says:

      I have the same question. Most google searches seem to say that it is just for LaserJet printers, but the BB article suggests that every HP printer is vulnerable. (Most likely, every HP printer is vulnerable, just not necessarily to this particular exploit…)

  9. hugh crawford says:

    This is SO last century

    I remember all this sort of stuff from back in the late 1980s when people  could embed the code to reset the password on apple laser printers in a postscript file.  Then those people would watch the dumpsters for their new printer.

  10. Hanglyman says:

    I haven’t used an HP printer ever since the one I had refused to print a black and white document because it was out of YELLOW ink. Even worse, I’d never printed anything yellow with it.

    • Hanglyman says:

      Ah. So they’re treating me like a criminal and making my printouts traceable, at MY expense.

      I don’t want to live on this planet anymore.

  11. Wooster says:

    Lovely. The most recent update I see for my HP printer is dated October 2009.

  12. manicbassman says:

    what’s really annoying about these printers and scanners etc. is that they’re usually running Linux… you should be able to fix the code yourself but they do not provide the source for the proprietary gubbins on them… oh you can get client side drivers for them, but fixing the firmware is off-limits because of the stuff they’ve put on them to secretely mark your printouts with date, time and serial numbers and in the case of scanners, to recognise if you’re trying to copy a banknote…

    • lexein says:

      Stallman was right.
      Oh, grumble all you want, but at least admit that. I’m getting a t-shirt that says exactly that.

Leave a Reply