Printers Hacked Again by PewDiePie Supporters
Hackers used their abilities to control printers as a way to increase the subscriber count of YouTuber Felix ‘PewDiePie’ Kjellberg.
For quite some months PewDiePie was competing with Bollywood YouTube channel T-Series to see who will end up as the most subscribed to on YouTube.
As the going got tough, more and more people started taking up extreme measures to help PewDiePie maintain his position on top and push off T-Series’ further down.
One of those extreme steps is remote hacking of printers around the world and forcing them to print the message that ask the users to subscribe to PewDiePie on YouTube, but also calls on victims to improve their security.
Speaking anonymously online the original hacker told the BBC “I’ve been trying to show that ‘hacking’ isn’t a game or toy, it can have serious real-life consequences.”
“We really want people to pay attention to this because causing physical damage is very much a possibility.”
Hackers commandeered around 50,000 printers caused the devices to throw out papers with requests to subscribe to PewDiePie’s YouTube channel. They also want people to unsubscribe from T-Series so that PewDiePie remains the only contender for the top spot on the video platform. According to BBC, the second round of attacks has happened with the message changing slightly this time but being printed out on over 100,000 devices.
BBC reported that the people who took control of the printers did indeed hack them, they told BBC that part of the goal behind the attack on printers was to raise awareness for how serious hacking is.
Some people have shared evidence online of the latest hacking event by showing messages that they received through their printers. One user had labels that urged them to subscribe to PewDiePie, and when a Twitter account that appears to be associated with the printing attacks asked them to “show the rest,” the remainder of the message showed the bottom of the printout where it called for people to fix their printers.
More evidence of the printer hackings like the images shown above is expected to be seen soon when people return to work seeing how the attacks took place over the weekend, BBC theorized.
The potential financial costs to this are obvious but the hacker also pointed to another danger that his stunt has thrown up.
“The fallout goes beyond print-outs, we could also be capturing sensitive documents as they get printed or even modify documents as they get printed.”
Although the hacker can geo-locate the countries that he is affecting, it’s not clear whether or not a targeted attack on an individual company or household is possible.
The BBC has not been able to verify the claim, but people from countries including the UK, US, Argentina, Spain, Australia, and Chile have posted pictures on social media of the latest print-outs.
More people are expected to notice their printers have created copies of the poster when they return to work on Monday.
It reads: “PewDiePie is in trouble and he needs your help to defeat T-Series!”
PewDiePie has been YouTube’s most subscribed since 2013 with about 77 million followers on the platform, and now it looks like the Indian music and movie studio T-Series is likely to overtake this lead, which has led PewDiePie fans to come up with this stunt to increase subscriber count.
Security vendors say this shows how vulnerable some organizations can be to attack through the plethora of connected devices that fill modern office spaces.
How to fix it:
• Carry out regular audits of connected devices
• Install the latest security patches
• The question of whether or not everything connected to the internet really needs to be
Bob Reny from the security firm ForeScout commented: “The risk of causing financial damage, in this case, is as real as it gets”.
“And all of this because organizations or individuals installed a connected device without really taking the time to audit the implications this has on their existing network security infrastructure.”
The hackers provided contact details on the latest print-outs as a way to allow people to get in touch if they needed further help fix the exploited flaw.
One told the BBC that they believed they were breaking the law, but still thought their act was justified.
“While authorities might not see eye to eye with us, what we’re doing is much better than someone destroying printers and offices around the world in an attempt to hold printers ransom or something.”
Vulnerabilities in network printers have been known about for years but many people are unaware of the risks.
One security researcher who has studied the problem confirmed it was possible to destroy the machines by sending them commands from afar.
Jens Mueller from Ruhr-University in Germany said: “These devices should never be directly reachable over the internet.”
Kevin Jones937 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.