Hackers played Doom on a printer

Security specialists from Context Information Security have demonstrated how to hack an office printer using the example of Canon Pixma.

The hacked device was completely subordinated to the experts, on which they launched the classic shooter of the 90s. As proof of remote control of the printer, the hackers made the device completely exhaust the ink supply by printing hundreds of documents.

According to hackers, the attack was successful due to the fact that the data in the firmware were encrypted using XOR. The experts also posted on the blog the technical details of the operation.
')
The printer’s web interface does not require user identification, which allows anyone to connect to it. According to one of the experts, there is a problem with updating the firmware - there is an opportunity to set another source of updates and then it will download the code that is beneficial to the hacker, for example, the game Doom.

The same tactic is applicable to an office printer also in order to infect it with a trojan, which may allow attackers to spy on the company. The device will transmit information about printed documents, and will also become a vulnerability in the entire corporate system, which hackers can already use to infect employees' computers.

Previously, the same experts hacked other devices: network storages, IP cameras and even a children's toy - a robotic rabbit that connects to the Internet.