Nearly 50,000 printers across the globe were hacked by a hacker using the alias TheHackerGiraffe for the sake of promoting PewDiePie’s YouTube channel and encouraging users to subscribe to the channel.
The hacker claims that the primary motive behind this hijacking spree is to spread awareness about printers’ cyber-security and to garner the attention of PewDiePie. The announcement was made on a newly created Twitter account @HackerGiraffe where the hacker posted that this was a harmless act conducted to highlight a major flaw in printers and to ensure that printer security is prioritized at a global level.
For your information, PewDiePie, whose real name is Felix Kjellberg, is a Sweden-based video game commentator and comedian and considered the most widely followed YouTuber for years. You’d probably be more aware of T-Series, an Indian media giant, than PewDiePie though.
From the past couple of months, PewDiePie and T-Series have been fighting over YouTube. A diss track about T-Series was also released by PewDiePie in October, which has attracted over 47 million views so far. Until Friday afternoon, both PewDiePie and T-Series had a cumulative total of 72.5 million subscribers on YouTube.
Through this hacking, TheHackerGiraffe urged the recipients of his messages to unsubscribe from T-Series and subscribe to PewDiePie instead. Moreover, recipients were asked to subscribe to two other channels namely Smile and Delete TikTok, and to get their printer fixed.
TheHackerGiraffe hacked printers located in different parts of the world including the UK, USA, and Canada. He managed to identify the vulnerable printers by searching on Shodan.io and used a tool called Printer Exploitation Toolkit or PRET to execute print commands to unprotected printers.
These are three shodan searches for three different printer ports. Combine these three numbers together, and you'll have the total amount of exposed printers. I only picked 50,000. pic.twitter.com/kVQMeMG7em
— TheHackerGiraffe (@HackerGiraffe) December 1, 2018
While speaking with The Verge, the hacker revealed that he identified 800,000 flawed printers via an online repository and he hacked them out of concern so that their vulnerability gets highlighted.
“People underestimate how easy a malicious hacker could have used a vulnerability like this to cause major havoc,” said TheHackerGiraffe.
And, he isn’t wrong in stating so because a hacker could easily have exploited the vulnerability to steal files, install malware, gain access to the inner network by using the printer as a foothold, and cause physical damage to the exposed printers.
“The most horrifying part is: I never considered hacking printers before, the whole learning, downloading and scripting process took no more than 30 minutes,” added TheHackerGiraffe.
The fact that this hacking was only a prank and not a seriously carried out attack with malicious objectives does help in diffusing the chaotic situation. TheHackerGiraffe has also provided the ports and script that he used for the hacking. However, it has definitely raised concerns, yet again, regarding the vulnerable nature of IoT devices.