Before anyone reading this takes the headline literally, thus venting out their office frustrations on the poor printers, let it be clarified that the term ‘break’ here means to ‘hack’. The company, which is one of the most recognized office equipment manufacturers, has just put out a notice for all hackers to try and break down the software on the device. The program, known as ‘bug bounty’, encourages hackers to find faults and vulnerabilities in the printers, for which the program is specially designed. Such programs are much sought-after in the present day, with biggies such as Google and Facebook baiting hackers with rewards to find flaws in their services.
HP started this program back in May, where 34 researchers took part. A hacker has already won the bounty. HP’S chief technologist regarding printer security stated that there is a heavy focus of hackers on devices working on Internet of Things. However, security expert focus mostly on web cameras or smart televisions, with printers the last thing on their minds. Printers have previously been victims of attacks, with the Mirai botnet in particular wrecking havoc and causing outage of Twitter, Netflix and Reddit through hacked IoT devices, which included printers. HP’s program is run through a payout and invite platform called Bugcrowd, and the registered researchers have remote access to 15 printers, on which they can wreak havoc. The jackpot reward requires the researcher to find a serious flaw such as remote code execution, which allows an attacker to gain total control of the printer.
Meanwhile, in a serious hacking incident, a 20-year old college student from Boston, Joel Ortiz, was involved in the hijacking of dozens of cellphone numbers, earning around $5 million in the process. While authorities were able to nab Ortiz, his accomplices areyet to be found. Their modus operandi consisted of the technique known as sim swapping, wherein they tricked providers such as AT&T into transferring the victim’s contact number into a SIM controlled by the target. This unsurprisingly led to resetting of the victim’s passwords as well as breaking into their online accounts. The group specifically targeted people involved in the cryptocurrency and blockchain environment.