Teacher
Professional
- Messages
- 2,670
- Reaction score
- 814
- Points
- 113
Should device owners worry and who is actually behind the attack?
The network reported that Anycubic 3D printers connected to the Internet were hacked in order to warn users about a critical vulnerability of the devices. The hacker added a file called " hacked_machine_readme.gcode", which usually contains instructions for 3D printing, with a message that the printer is susceptible to attacks due to a security vulnerability.
A good-natured message from a white hacker
The vulnerability, according to the hacker, allows potential attackers to control 3D printers (reboot, change settings, inject malicious scripts) through the MQTT API of the Anycubic service. The report also calls on the company to make the printer software public, pointing out its shortcomings.
The text file received by the affected devices says: "Your device has a critical vulnerability that poses a significant threat to your security. It is recommended that measures be taken immediately to prevent possible exploitation." Users who received this warning were advised by a good-natured hacker to disconnect their printers from the Internet until the company resolves the security problem.
According to the hacker's message, at the time of the attack, the number of vulnerable devices was 293,463 printers, but later a white hacker was found in the hacking discussion thread on Reddit and stated that the hacking message could have been sent several times to the same printer, so we are talking about several thousand printers rather than hundreds of thousands.
After reports of hacking appeared, the Anycubic app stopped working, showing the error "network unavailable", probably because the company's representatives decided to play it safe and disabled network functions. However, the white hacker said that he has already contacted Anycubic directly and provided details about the identified vulnerability, and therefore it can be assumed that the fix will not be long in coming.
Founded in 2015 in Shenzhen, China, Anycubic is considered one of the most popular 3D printer brands on the market, with sales of more than 3 million printers in more than 120 countries.
The network reported that Anycubic 3D printers connected to the Internet were hacked in order to warn users about a critical vulnerability of the devices. The hacker added a file called " hacked_machine_readme.gcode", which usually contains instructions for 3D printing, with a message that the printer is susceptible to attacks due to a security vulnerability.
A good-natured message from a white hacker
The vulnerability, according to the hacker, allows potential attackers to control 3D printers (reboot, change settings, inject malicious scripts) through the MQTT API of the Anycubic service. The report also calls on the company to make the printer software public, pointing out its shortcomings.
The text file received by the affected devices says: "Your device has a critical vulnerability that poses a significant threat to your security. It is recommended that measures be taken immediately to prevent possible exploitation." Users who received this warning were advised by a good-natured hacker to disconnect their printers from the Internet until the company resolves the security problem.
According to the hacker's message, at the time of the attack, the number of vulnerable devices was 293,463 printers, but later a white hacker was found in the hacking discussion thread on Reddit and stated that the hacking message could have been sent several times to the same printer, so we are talking about several thousand printers rather than hundreds of thousands.
After reports of hacking appeared, the Anycubic app stopped working, showing the error "network unavailable", probably because the company's representatives decided to play it safe and disabled network functions. However, the white hacker said that he has already contacted Anycubic directly and provided details about the identified vulnerability, and therefore it can be assumed that the fix will not be long in coming.
Founded in 2015 in Shenzhen, China, Anycubic is considered one of the most popular 3D printer brands on the market, with sales of more than 3 million printers in more than 120 countries.
