In a surprising turn of events, users of the widely popular Anycubic 3D printer have found themselves confronted with an unsettling message that warns of a critical vulnerability in their devices. The ominous message, named “hacked-machine_readme,” urges users to disconnect their printers from the internet immediately to avert potential consequences.
Unwanted Warnings on Anycubic 3D Printers
Reddit became the platform of choice for Anycubic 3D printer users to share their unsettling experiences after receiving the unsolicited warning message on their devices. The message, assuring users that no harm has been done, explicitly highlights a critical vulnerability within the printers, emphasizing the need for a swift disconnection from the internet to prevent potential exploitation.
MQTT Service Vulnerability Unveiled
The warning message indicates that the vulnerability stems from Anycubic’s MQTT service, a machine-to-machine network protocol designed for message queuing. According to the message, this vulnerability could be leveraged to “connect and control” internet-connected 3D printers. MQTT, known for its lightweight design suitable for devices with limited network bandwidth, aligns with the characteristics of the average Internet of Things (IoT) device.
Potential Intruder Capabilities
The warning message outlines potential actions that could be taken advantage of due to this vulnerability. While the author claims not to have taken malicious actions like deleting prints or wasting filament, the message hints at the possibility of executing startup scripts on the printers. The author’s plea to Anycubic to address and rectify the MQTT server issue underscores the seriousness of the situation.
Massive Outreach and Anycubic’s Response
Remarkably, the author reveals that the warning message was dispatched to an astonishing 2.8 million devices, signaling a widespread potential impact. As of the time of this report, Anycubic’s official website and Twitter account have remained silent regarding this security incident. However, a Reddit forum administrator mentioned that the company is actively investigating the matter, indicating that Anycubic is aware of the reported vulnerabilities.
In conclusion, the sudden emergence of security concerns surrounding Anycubic 3D printers raises questions about the integrity and safety of widely used consumer devices. As users await further communication from Anycubic, the incident serves as a stark reminder of the growing importance of cybersecurity in everyday technologies, even in seemingly innocuous devices like 3D printers. The ongoing investigation and potential resolutions will undoubtedly shape the outlook for Anycubic and its user base in the days to come.
