NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

Home > News > Security

November 29th, 2011, 14:16 GMT · By Eduard Kovacs

HP Printers May Be Remotely Set On Fire, Researchers Say

Adjust text size:

HP LaserJet printers may be exposed to cybercriminal operations

Columbia University researchers Ang Cui and Salvatore Stolfo found a vulnerability in HP LaserJet printers that could allow a hacker to remotely control it to launch cyberattacks, steal information that’s being printed and even instruct its mechanical components to overload until the device catches on fire.

According to MSNBC, Cui and Stolfo revealed that the flaw they found does not affect only HP printers, but also other devices utilized by millions of individuals and companies that so far were considered to be safe.

In one of the cases of the HP printers which they thoroughly tested, the researchers relied on the fact that remote software updates are not checked for signatures or certificates when they’re being installed, but this wasn’t the only issue.

In another demonstration, by sending the device a specially crafted print job, they were able to inject a code that would automatically scan printed documents for sensitive information, transmitting the sensitive data to a Twitter feed.

They showed that an infected computer could instruct the printer’s fuser, the one that melts toner particles to make them stick to the paper, to continuously heat up until the device self-destructs or, if it lacks a fuse, to set itself on fire.

Even more worryingly, during the tests they also proved that a hijacked printer could act as a gate-opener for a full-effect attack on a company network. They even made a demo from computers running Mac and Linux operating systems.

“Printers have been a weak spot for many corporate networks. Many people don’t realize that a printer is just another computer on a network with exactly the same problems and, if compromised, the same impact,” said F-Secure’s Mikko Hypponen.

HP representatives argue that the situation might not be all that disastrous, claiming that their newer models do check for signature while performing firmware updates. However, they’re currently investigating the issue to determine exactly who is affected and what can be done about it.

Even though later printer models should be more secure, the researchers claim that one of the printers used in their tests was purchased not long ago.

FILED UNDER:

TELL US WHAT YOU THINK:

5,370 hits · 9 comments · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:

Children's Online Games Hide Bank Account Stealing Malware

Linux Bug and Vulnerability Detector Released by Australian Researcher

German Company Advertises Spy Tool That Relies on iTunes Flaw

Apple Fixes Charlie Miller's Kernel Bug in iOS 5.0.1

TimThumb Wordpress Plug-In Exploit Makes More Victims

READER COMMENTS:

Comment #1 by: Nick on 29 Nov 2011, 18:34 UTC	reply to this comment
Okay...can we at least get the model numbers of the HP printers that may become vulnerable to attack?

Comment #1.1 by: Eduard Kovacs on 01 Dec 2011, 07:12 GMT

HP did make a statement recently but no one knows precisely which of the models are affected. They said they will contact all their customers who might be affected.

Here is what HP had to say on the issue:
http://news.softpedia.com/news/HP-Thermal-Breakers-Installed-in-Printers-Prevent-Fires-237392.shtml

Comment #2 by: Keen on 29 Nov 2011, 19:13 UTC	reply to this comment
Did you actually do any research on how printers work before you wrote this paper? A fuser does not "dry off the paper". The toner used in laserjet printers is a dry powder. The fuser heats up the toner to a temperature that affixes it to the paper. Also, "purchased not long ago" is pretty vague, did they provide a model number?

Comment #2.1 by: Eduard Kovacs on 01 Dec 2011, 07:19 GMT

Technically speaking, what you said is correct. I've made a correction to the article so there will be no confusion.

'Purchased not long ago' is actually September.

Finally, this is what HP said regarding the incident:
http://news.softpedia.com/news/HP-Thermal-Breakers-Installed-in-Printers-Prevent-Fires-237392.shtml

Comment #2.2 by: Another taken aback on 01 Dec 2011, 17:18 GMT

The fuser doesn't dry off the ink either, Eduard. The ink is already dry. It actually melts toner particles so they will stick to the paper.

Comment #2.3 by: Eduard Kovacs on 02 Dec 2011, 08:17 GMT

My sources were wrong. Thanks!

Comment #3 by: chrisclu on 30 Nov 2011, 19:44 UTC	reply to this comment
I find it hard to believe that someone savvy enough to be using a network printer, would not be behind a secured router. Seriously??

Comment #3.1 by: tombbonb on 01 Dec 2011, 18:46 GMT

e-printers will allow printing from the internet therefore getting through a router if email is permitted.

Comment #4 by: Intrepid on 01 Dec 2011, 22:53 UTC

reply to this comment

HP today issued the following statement:

Today there has been sensational and inaccurate reporting regarding a potential security vulnerability with some HP LaserJet printers. No customer has reported unauthorized access. Speculation regarding potential for devices to catch fire due to a firmware change is false.

HP LaserJet printers have a hardware element called a “thermal breaker” that is designed to prevent the fuser from overheating or causing a fire. It cannot be overcome by a firmware change or this proposed vulnerability.

While HP has identified a potential security vulnerability with some HP LaserJet printers, no customer has reported unauthorized access. The specific vulnerability exists for some HP LaserJet devices if placed on a public internet without a firewall. In a private network, some printers may be vulnerable if a malicious effort is made to modify the firmware of the device by a trusted party on the network. In some Linux or Mac environments, it may be possible for a specially formatted corrupt print job to trigger a firmware upgrade.

HP is building a firmware upgrade to mitigate this issue and will be communicating this proactively to customers and partners who may be impacted. In the meantime, HP reiterates its recommendation to follow best practices for securing devices by placing printers behind a firewall and, where possible, disabling remote firmware upload on exposed printers.

HP will continue to educate customers about security risks and the features available to address them, and take proactive steps to maintain the security of devices in the field. HP Imaging and Printing Security Solutions work directly at the device and on the network to protect information at rest and in motion, and to prevent unauthorized access.

Additional information is available at www.hp.com/go/secureprinting.

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use