Hacker could exploit the lack of security measure built into fax machines with “booby-trapped” images, according to new research.
Researchers from Check Point have revealed that malicious images could exploit protocols established in the 1980s that define the format of fax messages, claiming millions of companies could be at risk.
“Fax is surprisingly still widely used even today. With over 300 million fax numbers in use,” said the security company.
With many companies using fax machines that are also printers and scanners – and so having a connection to the internal network – it’s suggested that hackers could craft an image that harbours a malicious payload to infect a vulnerable network.
Check point put the theory to the test, finding "several critical vulnerabilities in all-in-one printers which allowed us to ‘faxploit’ the printer and take complete control over it by sending a maliciously crafted fax”.
“From that point on, anything was possible. We decided the best way to showcase this control will be to use Eternal Blue in order to exploit any PC connected to the same network, and use that PC in order to exfiltrate data back to the attacker by sending…a fax.”
Using the HP Officejet Pro 6830 all-in-one printer as a test case, Check Point were able to demonstrate the security risk that lies in a modern implementation of the fax protocol.
“Using nothing but a phone line, we were able to send a fax that could take full control over the printer, and later spread our payload inside the computer network accessible to the printer.”
Check Point says that this hacking technique hasn’t been seen in the wild...yet. But urges anyone using an HP Officejet all-in-one printer to follow the instructions from HP here.