Warning: printers are currently abused

Message-Id: 201512161600
Time: 16.12.2015, 16:00
Affected: Printers within the IP range of 134.76.0.0/16
ImpactHundreds of pages are printed full of nonsense

Currently printers in the University of Göttingen are attacked: A user “admin” sends printjobs named “5MB.bin” to many printers within the University of Göttingen. This file contains unprintable data. So the printer prints hundreds of pages full of nonsense. This only happend to printers with an IP in the range of 134.76.0.0/16 because these printers are accessible worldwide.
To prevent this kind of attack we advise our customers only to use internal IP adresses within the range of 10.76.0.0/16.

If your printer starts to print nonsense pull of the network cable and remove the paper tray in the right moment. When the printer asks for mor paper turn the printer off. If you have any questions please contact support@gwdg.de.