Hackers are taking control of enterprise printers to share anti-work and pro-union messages

In an unusual hacking campaign, a group of threat actors is taking control of thousands of printers around the world just to force the printing of anti-work messages on commercial receipts. According to a report, in these messages, workers in all kinds of businesses were invited to talk to their peers about salary and benefits issues, including phrases such as “Are you being underpaid?”

Some of these messages were shared on the r/Antiwork subreddit, described as “a community for those who want to end the institution of work and exchange ideas with other users interested in leading a life free of these kinds of obligations.”

Apparently, the hackers’ goal was to encourage workers to form unions: “You have the legal right to discuss your pay with your co-workers. How a McDonald’s in Denmark can pay the equivalent of $22 an hour and still sell a Big Mac for less than in the U.S. The answer is unions” The attacks appear to be aimed only at printers in the U.S., primarily in Maine.

Little is known about the hackers behind this campaign, although multiple theories have appeared about it. Some users believe that the subreddit linked to these messages is related to a hacktivism group similar to Anonymous, while others believe that it is just a joke that grew thanks to its exposure on the Internet.

What is confirmed is that the attack is a sample of how vulnerable these types of devices are; According to cybersecurity specialist Andrew Morris, the attackers were able to print these messages thanks to the erroneous security settings on the devices. Using the Shodan tool, it is possible to find thousands of printers and other Internet of Things (IoT) devices within reach of any attacker.

Other similar campaigns have been detected previously; for example, a couple of years ago a threat actor managed to compromise thousands of printers to share a message in support of PewDiePie, YouTube’s most famous content creator.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.