Do you might have an Anycubic Kobra 2 Professional/Plus/Max 3D printer? Do you know it has a safety vulnerability?
In the event you answered “sure” to each these questions, then chances are high that I can guess simply how you came upon your 3D printer was weak to hackers.
My wager is that you just might need learnt about the issue after seeing an odd message displayed in your machine, claiming that it had been hacked.
As a number of posts on Reddit verify, homeowners of the 3D printers have had an uncommon message pop up on their units.
The message incorporates ASCII artwork of a worm and claims to be “innocent” – however warns of a “essential vulnerability” within the printer, posing a “important menace”. It advises affected customers to disconnect their printer from the web to keep away from being hacked.
Within the message, somebody calling themselves “printer god” bemoans Anycubic’s lax safety and warns {that a} malicious assault may have brought on injury.
The warning message within the file hacked_machine_readme.gcode may be safely deleted from the printer’s display screen or USB drive. The creator claims to have despatched it to over 2.9 million weak printers.
The hack appears to be related to a put up in an internet discussion board earlier this week by a consumer known as “Dump”. “Dump” claimed to have tried to speak with Anycubic for 2 months about “two essential safety vulnerabilities” – with one described as “catastrophic if discovered to be malicious.”
Anycubic has now confirmed the existence of a “safety concern”, which it claims was “brought on by a 3rd get together utilizing a safety vulnerability of the MQTT server to entry customers’ printers.”
Anycubic says that it’s enhancing its cloud server safety and can launch new firmware to customers on March 5, 2024.
This is not the primary time that printers have been hijacked by means of safety vulnerabilities to unfold messages. As an illustration, in 2018, 1000’s of printers had been seized to print out a message selling PewDiePie’s YouTube channel.