Your laser printer might burn through plenty of paper. But a new study claims that innocuous-looking printer could be a gateway for remote hackers out to steal your identity—and maybe even physically burn you.
According to MSNBC, researchers at Columbia University claim they have discovered a new class of online vulnerability: bogus firmware updates to networked laser printers. The researchers told the news website that clever hackers can reverse-engineer the software commands used internally by laser printers and then create bogus updates, which are loaded when unsuspecting victims send a duplicitous document to the printer.
The bogus updates, say the researchers, can be designed to steal printed data—say a person’s online banking statement—or even physically damage the printer. In one test demonstrated to MSNBC, for example, the researchers caused a printer’s thermal infuser—used to heat and dry the printer’s ink toner—to overheat and cause the printer to smolder.
Researchers at the Computer Science Department of Columbia University’s School of Engineering and Applied Science said they conducted the vulnerability research using printers made by HP. Columbia professor Salvatore Stolfo, who directed the research, told MSNBC:
The research on this is crystal clear. The impact of this is very large. These devices are completely open and available to be exploited.
According to MSNBC, federal authorities as well as HP have been briefed by the researchers of their discovered vulnerabilities. Keith Moore, chief technologist for HP’s printer division, told MSNBC that the company is still assessing the discovery and takes the possible security threat “very seriously,” Moore believes that the risk to ordinary consumers is low, though, since the vulnerabilities may apply only to newer, networked laser printers.
For tips on how to protect your computers and personal data, check out Consumer Reports Guide to online security.
Exclusive: Millions of printers open to devastating hack attack, researchers say MSNBC
There are no posts related to Report: Laser printers can be remotely hacked to steal data.
Report: Laser printers can be remotely hacked to steal data