The Internet was filled with messages from owners of ANYCUBIC 3D printers about their hacking. Only in this case, the hackers did not want to steal other people’s data or harm people in any other way. Quite the opposite – users were thus warned of potential danger.
The “attacker” sent the hacked_machine_readme.gcode file to the hacked devices – a similar format usually contains instructions for 3D printing. One could expect the worst, but inside there is only a message and a warning that the 3D printer contains a critical vulnerability that can be exploited by not the most benevolent individuals.
“You can call me the printer god,” the hacker writes in the message, adding that it does not mean any harm.
The hacker advises users to disconnect their printers from the Internet until ANYCUBIC takes appropriate measures to eliminate the vulnerability. According to the “printer god”, the MQTT service used by ANYCUBIC allows anyone with an active account to connect and control other people’s printers using the appropriate API.
According to information from the hacker himself, this “letter of kindness” was downloaded to 293,463 devices, which indicates the widespread nature of the problem. ANYCUBIC has already begun to investigate what happened .