cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
New Member
New Member

Workcentre 3220 hacked

Our printer recently was hacked by User Agent: libwww-perl/6.05. The point of the hack was to print Anti Jewish hate. We have our printer set up on a static ip address. Is there a way to block this from happening. Note we use a direct static ip address due to it being a printer for a food chain and needing to access it via centreware from an outside location. Our computers at the store are locked down on a gls network so they can not access. My concern is if they can access the printer can they access scanned documents. Does the printer store documents scanned for a certain period of time? If so how can we change that so once its sent it can not be recovered

0 Kudos
1 Reply
Highlighted
Valued Advisor
Valued Advisor

Re: Workcentre 3220 hacked

Hacked is absolutely not what has been done here.

You put an open access printer in a DMZ making it available to literally every person on the

internet to discover and print to it.

 

Xerox has no fault in this. All it takes to find printers on the Internet is to know what appears in your web browser when you hover over any link on a network printer web interface that isn't the IP address.

 

So say that your IP on the printer is 10.1.1.10, you go to that page and find that there is a link that has a specific chain in the address, like the linked article shows. You Google it and find all of that brand, or model that people have sitting unprotected on the LAN.

 

From that people can Google the default admin account and do whatever they want with the device assuming you have not changed those credentials.

 

Even buying a printer that requires authentication to print isn't securing it, if you need to share a printer to remote locations you need to use a VPN or use an service like Google cloud print. But Cloudprint will only print from Chrome, so whatever you print would require it to be opened in Chrome, and would need to be logged into with the same Gmail account at all locations.

Please be sure to select "Accept Solution" and or select the thumbs up icon to enter Kudos for posts that resolve your issues. Your feedback counts!

Joe Arseneau
0 Kudos