Business IT

Malware via fax

By Stephen Withers on Aug 24, 2018 9:02AM
Malware via fax

Editor's Picks

IoT Explained: What is the Internet of Things in Australia (June 2022)

5 essential digital transformation ideas

Top 5 Benefits of Managed IT Services

Venom BlackBook Zero 15 Phantom

Researchers at security vendor Check Point have demonstrated that it is possible to take control of a computer by sending a specially crafted fax to a multifunction device on the same network.

Over the years, security researchers have found many vulnerabilities in software that can be exploited via maliciously crafted image files. As a simple example, imagine that a particular file format calls for a certain element to be no longer than 64 bytes. If the software that processes this image type doesn't correctly check the length of that element, it may happen that any excess data spills over into an area of memory that contains code. So there's potential to create a malformed image file that includes code which is executed when the image is loaded.

Check Point researchers Eyal Itkin and Yaniv Balmas thought it might be possible to use this general approach to attack a multifunction device by sending a malicious fax to it .

With considerable effort, they found a series of critical vulnerabilities that allowed them to take complete control over an HP Officejet Pro 6830 in this way.

Newsletter Signup

Get the latest business tech news, reviews and guides delivered to your inbox.

I have read and accept the privacy policy and terms and conditions and by submitting my email address I agree to receive the Business IT newsletter and receive special offers on behalf of Business IT, nextmedia and its valued partners. We will not share your details with third parties.

"Once an all-in-one printer has been compromised, anything is possible. It could be used to infiltrate the internal network, steal printed documents, mine Bitcoin, or practically anything," said the researchers

"Infiltrate the internal network"? Yes, it's that bad.

Having established a way to gain control over the all-in-one by sending it a fax, they further developed the payload to take over computers attached to the same network by using the EternalBlue exploit and the DoublePulsar backdoor implant tool, both of which are believed to have been developed by the US NSA, and after being leaked by the Shadow Brokers group have been used in ransomware.

Check Point did the right thing by notifying HP and not going public until the latter had released a patch to overcome the weaknesses.

A large number of models need the patch, including PageWide, Officejet, Designjet, Deskjet, Envy, Photosmart, and Smart Tank devices. Affected models are listed here, along with a link to the updated firmware. Owners are advised to install the update as soon as possible.

Itkin and Balmas said "Our research was done on HP Officejet all-in-one printers though this was merely a test-case. We strongly believe that similar vulnerabilities apply to other fax vendors too as this research concerns the fax communication protocols in general."

They further warned that "similar vulnerabilities are likely to be found in other fax implementation, such as fax-to-mail services, standalone fax machines, etc."

So if you own any device that has the ability to receive faxes, watch out for an update from its vendor. If an update isn't forthcoming, ask why. And ask yourself whether you really need fax any more - if the answer is no, the simplest fix might be to disconnect the phone cable.

Copyright © BIT (Business IT). All rights reserved.
Tags:
check point fax hp malware printers ransomware security software
By Stephen Withers
Aug 24 2018
9:02AM
0 Comments

Related Articles

  • How an inside-out approach to data security ensures rapid ransomware recovery
  • 5 essential digital transformation ideas
  • 5 Considerations to help businesses with their cybersecurity strategy
  • Ransomware: what SMBs needs to know
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

5 essential digital transformation ideas

5 essential digital transformation ideas

Digital dystopia: your reputation is on the line

Digital dystopia: your reputation is on the line

How to manage payment risks and fraud in 2022

How to manage payment risks and fraud in 2022

IoT Explained: What is the Internet of Things in Australia (June 2022)

IoT Explained: What is the Internet of Things in Australia (June 2022)

Poll

What would you like to see more of on BiT?
News
Reviews
Features
How To's
Lollies
Photo Galleries
Videos
Opinion
View poll archive
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.