A team of Columbia researchers say they ’ve find an exploit involving the embedded system find in pressman in which cyber-terrorist cangain control of the deviceand rewrite the firmware without anyone knowing , and then use that to slip information or potentially cause printers to overtake flame .
MSNBC says that the research squad first discovered the vulnerability using an HP LaserJet printer , but believe this job extends to virtually any printer connected to the internet or tie to an cyberspace - connected computing gadget . investigator claim the printing machine can be easily lease over and controlled by hackers if the printer if a substance abuser print a papers with a computer virus hidden within .
Printer security flaw have long been theorized , but the Columbia research worker say they ’ve chance upon the first - ever doorway into 1000000 of printers worldwide . In one demonstration of an attack ground on the defect , Stolfo and fellow researcher Ang Cui register how a hijacked computer could be given instructions that would continuously heat up the printing machine ’s fuser – which is designed to dry the ink once it ’s applied to paper – finally causing the paper to turn brown and grass .
In that monstrance , a thermal replacement shut the printer down – basically , do it to ego - destruct – before a fervidness pop , but the research worker consider other printer might be used as fire starters , giving computer hacker a grave new tool that could allow simple computer code to play real - world mayhem .
The researcher believe that its near out of the question to disembarrass an septic printer of malware once infect ( short of taking out the imbed component completely ) , and are making tech doomsday predictions that the entire public will have to throw their previous printer out ( which will almost certainly never encounter ) . HP , for their part , says that these vulnerability are popping up on old printer models , and that new devices have firmware with more stringent security measures built - in . Maybe this is why they desire webOS on their pressman so bad .
Update : HP respond to the claims , acknowledging the vulnerability and promising a microcode update shortly , but work down the threat , claiming that their hardware is designed to not catch fire and that no incidents have been reported as of yet .
HP LaserJet pressman have a hardware component called a “ caloric breaker ” that is plan to prevent the fuser from overheating or causing a ardour . It can not be overcome by a firmware variety or this aim vulnerability .
While HP has key out a potential security vulnerability with some HP LaserJet printers , no customer has account unauthorized access . The specific vulnerability exist for some HP LaserJet devices if set on a public cyberspace without a firewall . In a individual mesh , some printers may be vulnerable if a malicious effort is made to alter the firmware of the gimmick by a trusted party on the web . In some Linux or Mac environments , it may be potential for a especially format corrupt mark caper to set off a microcode upgrade .
HP is building a microcode upgrade to mitigate this issue and will be put across this proactively to customer and partners who may be impacted . In the lag , HP reiterates its recommendation to survey salutary practices for securing devices by placing printer behind a firewall and , where potential , disabling remote firmware upload on exposed printer .
[ MSNBC ]
double viaphotographer2222 / Shutterstock
HackersPrintersSecurityViruses
Daily Newsletter
Get the near tech , science , and civilization news in your inbox day by day .
News from the future , delivered to your nowadays .
You May Also Like
