Friday, July 19, 2024

Hackers Hijack Anycubic 3D Printers to Display Warning Messages

Anycubic 3D printer owners have been caught off guard by a series of unauthorized messages warning them of a critical security flaw.

The incident has raised concerns about the safety of internet-connected devices and the potential for exploitation.


Reddit Reports of Hacked Anycubic 3D Printers

Users on Reddit began reporting unusual activity on their Anycubic 3D printers, with many finding a text file named “hacked_machine_readme” unexpectedly appearing on their devices. 

This file contained a message alerting them to a “critical vulnerability” and advising immediate action to prevent potential exploitation.

TechCrunch recently reported that Anycubic customers say their 3D printers have been hacked and now display a message warning of an alleged security flaw in the company’s systems.

Content of the Hacked_machine_readme File

The message within the text file was clear and alarming: “Your machine has a critical vulnerability, posing a significant threat to your security. Immediate action is strongly advised to prevent potential exploitation.” It also suggested that users disconnect their printers from the internet to avoid being hacked.

The vulnerability mentioned pertains to Anycubic’s MQTT service, a messaging protocol used for device communication.

The text file claimed this service could be exploited to “connect and control” customer 3D printers remotely.

In light of these events, the text file urged users to disconnect their printers from the internet until Anycubic addresses the issue.

The broader community echoed this advice as users shared their experiences and recommendations on various forums.

Company Response

At the time of the reports, Anycubic’s app was down, and users attempting to log in were met with a “network unavailable” error message. 

Anycubic’s representative, James Ouyang, acknowledged the situation, stating, “We are investigating very carefully. There will be an official announcement very soon,” but did not provide further details.

The individual behind the text file claimed the message had been sent to 2.9 million Anycubic 3D printers.

This figure is significant, considering Anycubic’s reported cumulative sales of 3 million printers, as mentioned by James Ouyang in a previous interview.

Implications for Anycubic and Its Users

This hacking incident not only exposes potential security risks for Anycubic’s products but also puts the company’s reputation on the line.

Users are now waiting for a comprehensive response from Anycubic and a resolution to the vulnerability that has put their devices at risk.

The hacking of Anycubic 3D printers is a stark reminder of the vulnerabilities inherent in internet-connected devices.



Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
