Do you’ve gotten an Anycubic Kobra 2 Pro/Plus/Max 3D printer? Did it has a safety vulnerability?
If you answered “sure” to each these questions, then likelihood is that I can guess simply how you came upon your 3D printer was susceptible to hackers.
My wager is that you just might need learnt about the issue after seeing a wierd message displayed in your gadget, claiming that it had been hacked.
As a number of posts on Reddit affirm, homeowners of the 3D printers have had an uncommon message pop up on their gadgets.
The message comprises ASCII artwork of a worm and claims to be “innocent” – however warns of a “important vulnerability” within the printer, posing a “significant threat”. It advises affected customers to disconnect their printer from the web to keep away from being hacked.
In the message, somebody calling themselves “printer god” bemoans Anycubic’s lax safety and warns {that a} malicious assault might have prompted harm.
The warning message within the file hacked_machine_readme.gcode may be safely deleted from the printer’s display or USB drive. The creator claims to have despatched it to over 2.9 million susceptible printers.
The hack appears to be linked to a submit in a web based discussion board earlier this week by a consumer known as “Dump”. “Dump” claimed to have tried to speak with Anycubic for 2 months about “two important safety vulnerabilities” – with one described as “catastrophic if discovered to be malicious.”
Anycubic has now confirmed the existence of a “safety difficulty”, which it claims was “brought on by a 3rd celebration utilizing a safety vulnerability of the MQTT server to entry customers’ printers.”
Anycubic says that it’s enhancing its cloud server safety and can launch new firmware to customers on March 5, 2024.
This is not the primary time that printers have been hijacked via safety vulnerabilities to unfold messages. For occasion, in 2018, hundreds of printers have been seized to print out a message selling PewDiePie’s YouTube channel.