Online training site says it is spamming insecure printers with adverts

Graham Cluley

Online training site Skillbox says that it has come up with an imaginative way to reach out to potential clients and invite them to change their careers from being boring old auditors and accountants to becoming graphic designers instead.

The Russian firm’s idea? To send a spam message to thousands of printers left open to the internet.

Skillbox, urged on by its marketing agency Possible Group, says that it has created a bot that uses the IoT search engine Shodan to find insecure printers, and then exploits them by forcing them to print out a message promoting a Skillbox course.

Part of the message reads:

A <MESSAGE> FROM BOT TO HUMAN

<To human it may concern>

You are in the risk group.

It’s 94% likely that by 2024 I will replace millions of accountants, auditors and financial analysts, no matter how experienced or => talented ‘they’ may be; The same fate will befall all professions based on structured and algorithmic processes

I “can” already give you this warning by printing it on your device by finding an open 9100 port via an open API in 1,5 seconds

<But I have good news too>
I will ‘not’ be able to place creative professions in the near future; Only 8% of graphic designwork will be replaced by bots by 2024

I have analyzed all possible outcomes, and find it beneficial for you to complete a design course from Michael Janda, author of ‘Burn Your Portfolio’, starting on 25.03.2019

The message goes on to encourage recipients to post about the message using the hashtag #bewarethebots, and offers a 5% discount off the cost of the course.

According to Skillbox’s marketing agency, over 600,000 printers have been “accessed” since March 11th.

Now, I’d be pretty upset if I received an unsolicited message like this on my printer. After all, I pay for the paper, I pay (an extortionate amount) for the printer’s ink, I pay for the printer’s electricity. If I haven’t given permission to a third party to print something out at my expense – I don’t want them printing something out.

And it’s not as if Skillbox could seriously use the argument that it was raising awareness about unprotected printers. After all, this exploitation of poorly-secured printers is nothing new.

After all, we saw a hacker spew ASCII art onto 160,000 unprotected printers back in February 2017.

And more recently, as we discussed on the “Smashing Security” podcast, we saw the Hacker Giraffe promote PewDiePie’s YouTube channel by hijacking printers.

Smashing Security #109: Grinches target Amazon and Reddit, stealing Christmas from the poor


Sure, it would be great if people didn’t leave their printers exposed to the internet, but do we really need every Tom, Dick, and Hacker Giraffe exploiting the problem to print out their junk on thousands of devices?

As you can appreciate, my initial reaction was feeling like I wanted to bash my head against the wall at the idiocy of Skillbox for doing such an ethical thing… but then I looked online.

And what did I see?

Well, it’s more a case of what I didn’t see.

Maybe you’ll have more luck than me, but I haven’t seen any evidence that 600,000 printers (or anything close) have been sent this message yet. If they had I would expect there to be plenty of users up in arms on Twitter about their unexpected printouts just as there were when the Hacker Giraffe struck.

Is it possible that Skillbox has recognised that it might still get some media coverage even if it *doesn’t* actually send out any spam adverts? Might this be even more of a media stunt than it first appeared?

If you’ve received one of the unwanted Skillbox ads on your printer please leave a comment below.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
