Hackers Enable Guerrilla Marketing Campaigns With Mass Printer Hijacking Service
A group of hackers claims to have a service that will allow anyone willing to spend $250 to send out a "marketing" campaign that can reach "every single printer in the world." The people are offering to sell advertisers a spot in "the most viral ad campaign in history" according to the advertisement for the service.
Security experts the world over have had concerns about the security of Internet of Things (IoT) devices and the security of web-connected printers specifically. HP has in the past offered $10,000 in bug bounty money to get white hat hackers to find bugs in its printers. We also talked in depth about some of the security hazards that the IoT posed last year.
Hackers have taken advantage of internet-connected printers recently to send offices and homes around the world a printout that urged them to subscribe to PewDiePie's YouTube channel. Such hacks are technically sophisticated, but this new service claims that if enough people are interested in using its hack for "marketing," it will build a web platform with support for more printing protocols. Motherboard contacted the person claiming to be running the print service and reports that the person says they haven't made a sale yet.
The person claiming to operate the network for connecting to printers says that they would run questionable material, such as Nazi propaganda, but would charge more for that. Some security experts doubt that the hackers can reach as many printers as they claim. The hackers claim on their website to have the ability to reach every printer in the world, which is false since some printers aren't accessible via the internet.
The hackers also have a link at the bottom of the page advertising the hack service that links to the website and Instagram for Simon Smith, an Australian cybersecurity specialist. Smith denies having any part in the operation of the company. Smith told Motherboard, "I most definitely (naturally) have nothing to do with the printer business. It is not only a negative SEO attempt, but a DDoS attempt on people's fax machines and an attempt to deceive innocent victims as to the originating source."