HP LaserJet printer could be a gaping hole in your security defences

Have you got an HP LaserJet printer tucked away in the corner of the office? If that’s the case, then be warned that malware peddlers could be abusing the hard drive on board the device.

This warning comes courtesy of security researcher Chris Vickery (who runs the MacKeeper blog), and he notes that your HP printer has a substantial wedge of storage space built-in which could be accessed and used for nefarious purposes by hackers if left on its default settings.

The storage is there so staff can use it for large print jobs, but the HP LaserJet devices have a default setting which puts up an FTP server on port 9100 – and if you don’t protect that port, hackers could easily access it, and in Vickery’s words, you are “basically handing an anonymous FTP server to the hacker community”.

Take action now

As the researcher notes, a hacker could use the printer to store any kind of dodgy material, or host malicious scripts and so forth – and this is likely to remain undiscovered, because it isn’t common to check what’s on a printer hard drive.

With probing and hacking constantly on the rise these days, you certainly need to check if you need to take action if your office does have an HP printer.

As Vickery advises, if you do have such a printer, you should make sure that port 9100 isn’t open, and that your printers should be behind a firewall. If you have been previously unprotected, after taking these preventative measures you might also want to have a look at what’s on your printer’s drive, just in case.

Via: Softpedia

Related