Researchers from a Nasdaq-listed Israeli security company have warned of vulnerabilities likely to be exploited by hackers on all-in-one printers with fax functionality.
The security experts from Check Point Software Technologies, which has a main office in the California, said there are serious security flaws in all-in-one printers connected to the internal home or corporate networks through their Ethernet, WiFi or Bluetooth interfaces. They are also connected to a PSTN phone line to support their in-built fax features.
In a technical report released on Sunday, the researchers said hackers could potentially exploit those vulnerabilities to break into the internal network of families or companies to steal sensitive data by sending malicious code to the printers with fax functionality.
The researchers said they have found “several critical vulnerabilities in all-in-one printers which allowed us to ‘faxploit‘ the all-in-one printer and take complete control over it by sending a maliciously crafted fax”.
“Once an all-in-one printer has been compromised, anything is possible. It could be used to infiltrate the internal network, steal printed documents, mine Bitcoin, or practically anything,” they said in the report.
The Check Point researchers said the threat is real as an estimated hundreds of millions of fax machines are currently still in use around the world.
In a technology-dominated world today where people communicate with emails, chat messengers, mobile devices, web-services, or even satellites using quantum messaging, standalone fax machines appear not as popular as in the pre-Internet era, but financial reports from Wall Street indicate that tens of millions of all-in-one printers are sold worldwide each year, the experts explained.
They advised that private or sensitive files could be protected by moving them to a sub-network that is separated from a network where printers are connected.