A security researcher has discovered nearly 700 Brother printers left exposed online exposing corporate and government networks to hack.
The security researcher Ankit Anubhav, principal researcher at NewSky Security, has discovered nearly 700 Brother printers left exposed online. Anyone can access the administration panel of the printers and take control of the devices.
Anubhav disclosed its discovery via Bleeping Computer providing it a list of exposed printers.
“Accessing a few random URLs, Bleeping has discovered a wide range of Brother printer models, such as DCP-9020CDW, MFC-9340CDW, MFC-L2700DW, or MFC-J2510, just to name a few.” states Bleeping Computer.
Bleeping Computer also forwarded the list to the popular researcher Victor Gevers that once analyzed it will notify the affected organizations.
The researcher discovered many Brother printers exposed line with factory settings, in fact, Brother ships the printers with no admin password.
It is quite easy to locate these printers by using search engines like Shodan or Censys.
Anubhav explained that the printers belong to corporate and government networks and known universities.
“I’m surprised about so many known universities included in the list,” Anubhav told Bleeping. “I am planning to reach and notify the orgs with my colleague,”
An attacker can access the administration of the printers connected to the Internet and change settings, such as their passwords, causing problems to affected organizations.
The list provided Bleeping included only printers that exposed the “password.html” file that is related to the password reset page of Brother printers. The expert notices that administration panel exposed by the printers also included options to manage a firmware update.
An attacker can exploit the exposed administration panel to deliver tainted firmware and take full control of the printers.
“An attacker could include spyware-like behavior in tainted firmware updates and have printers send copies of printed documents to an attacker’s server.” continues Bleeping Computer.
“In the case of private businesses and government organizations, this could expose very sensitive information.”
Organizations running Brother printers urge to check if the devices expose the administration panel by default online, and change the default password to prevent unauthorized access to the device.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.