Burn baby burn, plastic inferno! Infosec researchers turn 3D printers into self-immolating suicide machines

2020-07-31 10:15

Some 3D printers can be flashed with firmware updates downloaded directly from the internet - and an infosec research firm says it has discovered a way to spoof those updates and potentially make the printer catch fire.

Research from the appropriately named Coalfire biz claimed printers from Chinese company Flashforge could be abused through crafted updates that bypass safety features built into the devices' firmware.

Once the printer and its firmware were within Coalfire's control, researchers set about fiddling with variables to see whether they could achieve their goal: raising the temperature of the 3D printer head, which relies on melting plastic feedstock to form the printed item, to dangerously high levels.

"The way it works in our modifications is you just turn the printer on and it immediately starts heating up without any way of cooling down unless you turn it off; you don't actually have to give the printer any instructions to heat up. You can still tell it to print things and it'll function normally besides the UI screen giving nonsense readings of the current temperature which makes it a little insidious."

A couple of years ago scientific researchers published a paper calling for more research into the effect of 3D printers on indoor air quality, saying that some devices increased dust and chemical emission levels to a point that caused them concern.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/07/31/3d_printer_fire_firmware_hacks/

#infosec #printers #researcher