A PewDiePie fan hacked 50,000 printers to promote his YouTube channel. PewDiePie, a Swedish YouTuber has been the most subscribed creator on YouTube for a few Years. However, recently the channel T-Series has gained popularity and is on its ways to become the most subscribed channel. Currently the subscriber count for PewDiePie is 72.6 million and 72.5 million for T-Series.
The Twitter user with the alias @TheHackerGiraffe hacked the printers and made them print out flyers telling people to subscribe to PewDiePie’s YouTube channels. These notices were received all over the world from small handheld receipt printers in gas stations to large organizations.
One of the messages received said:
PewDiePie is in trouble and he needs your help to defeat T-Series!….PewDie, the currently most subscribed to channel on YouTube, is at stake of losing his position as the number one position by an Indian company called T-Series, that simply uploads videos of Bollywood trailers and songs.
Hacking the printers were not too difficult. The conditions needed to hack into the printers were, that the printer needed to be connected to the internet, had to use old firmware, and the printing ports needed to be left online. @TheHackerGiraffe explained exactly how he got into the printers on his Twitter account. He first looked for vulnerable protocols on shodan, and found three printing protocols: Internet Printing Protocol (IPP), Line Printer Daemon (LPD), JetDirect. After, finding 800,000 results on shodan, he picked the first 50,000 printers using port 9100. He then came up with an message and used the tool PRET (Printer Exploitation Toolkit). The user then created a batch script, uploaded it to his server, opened a tmux session, and ran it. The hack was done, and the messages were sent.
The Twitter user has said that the hack was simply done due to boredom and did not want to cause too much harm to organizations. He further stated on Twitter that because PRET is a very powerful tool with damaging feature, he did not want to cause too much damage. Instead, he wanted to help organization raise security awareness. Although, not the best method to raise security awareness, it is important for organizations to ensure all technologies including printers and fax machines are secured and patched.
If you are looking to raise security awareness within your organization, contact LIFARS.