Comprising a Network Through the Printer

By Deane Barker on December 30, 2011

Printer malware: print a malicious document, expose your whole LAN: Holy cats, this is so not cool.

As part of his presentation, he performed two demonstrations: in the first, he sent a document to a printer that contained a malicious version of the OS that caused it to copy the documents it printed and post them to an IP address on the Internet; in the second, he took over a remote printer with a malicious document, caused that printer to scan the LAN for vulnerable PCs, compromise a PC, and turn it into a proxy that gave him access through the firewall (I got shivers).

So, by just getting someone to print a certain document, he compromised the entire network.

Gadgetopia