PewDiePie printer hacker strikes again: subscribe and sort out your security

The attacker told users to sort out their printer security -- and subscribe to the vlogger "overlord," too.

PewDiePie hacker takes over 100,000 printers in latest attack to boost his YouTube channel The attacker told users to sort out their printer security -- and subscribe to the vlogger "overlord," too.

Printers around the world have been reportedly compromised once again to encourage subscriptions to a famous vlogger -- as well as highlight a massive security issue.

The second attack, believed to be the work of the same individual who took control of approximately 50,000 printers in November, told the BBC that this campaign has doubled its range and up to 100,000 machines have been affected.

The scope of the claim has not been verified.

Based on their tweets, one of the hackers who has taken responsibility for the attack, @HackerGiraffe, will be taking a university exam at the same time that workers will be firing up their machines on Monday morning to potentially find the printouts.

As shown below, some users have already shared images on social media of the new printouts, of which compromised printers have been forced to produce. Users in the UK, US, Spain, Australia, and other countries are believed to be affected.

screenshot-2018-12-17-at-04-56-12.png

The flyer reads, "PewDiePie is in trouble and he needs your help to defeat T-Series!." This refers to an ongoing battle between the YouTuber -- also known as Felix Kjellberg -- and T-Series, one of India's largest music labels.

The competition, as it were, has picked up steam in recent months, with companies becoming involved, other YouTubers offering shout-outs, and fans plastering 'subscribe to PewDiePie' all over the Internet in everything from forums to online gaming sessions.

The subscription push is also related to YouTube's 2018 highlights "Rewind" video, in which PewDiePie was omitted, irritating the blogger's fan base.

The Swedish vlogger has courted controversy since 2017 with the use of racial slurs in his videos, and reportedly promoting a channel with anti-semitic content.

PewDiePie accounts for 77 million followers at the time of writing, In comparison, T-Series has just over 75 million and counting.

TechRepublic: Google is reading text in YouTube videos for search crawling without user consent

The printer messages have been urging users to subscribe to the vlogger. In a video discussing the 'Subscribe to PewDiePie' meme war, the blogger said:

"As much as I'm absolutely humbled and so happy about all the support, I do feel really weird about it."

Most importantly, perhaps, the flyers also read, "Seriously. Fix your printer. It can be abused!." Speaking to the BBC, the hacker said that his actions were based on an attempt to highlight the "real-life consequences" of such widespread attacks and the risk of leaving devices open and accessible.

CNET: Cloudflare customers reportedly include foreign terrorist groups under US sanctions

If conducted for more malicious reasons, the printers could be forced to re-write data in continuous loops -- leading to the eventual demise of the machine -- as well as capture sensitive documents and manipulate jobs sent to the printer.

See also: Razer faces backlash after asking gamers to mine cryptocurrency for rewards

In light of these potential use cases, the cost of the print and annoyance it may cause seems minimal in comparison.

The hacker said that in the original wave, he selected the first 50,000 printers found exposed and open on the Internet via the Internet of Things (IoT) search engine Shodan. However, there were roughly 800,000 printers ripe for exploit.

"Now I had to think...What to print?," HackerGiraffe added. "It didn't take me long to realize that the most perfect thing to print would be a message supporting our dear overlord @pewdiepie himself!"

The hacker then created a basic Bash script and helped along by the open-source printer penetration testing kit PRET, set to work.

While some joked about sending PewDiePie the bill for ink and paper, the situation isn't at all funny. The attack was basic, automated, and may have been able to compromise a vast array of machines.

If the hacker had malicious intentions, the issue could have been more serious -- but sent out as a warning, perhaps more printer owners will sit up and take note.

In order to prevent the compromise of printers, their firmware needs to be up-to-date and security patches must be installed. Archaic, old models without modern security updates should be taken offline.

Previous and related coverage