AnyCubic has fixed a critical vulnerability in the company’s 3D printer MQTT service API after a global hack by a white-hat hacker

AnyCubic has released new firmware for its Kobra 2 Pro/Plus/Max 3D printers that addresses a critical vulnerability in the MQTT service API. The release came a few days after a white-hat hacker hacked most of the company’s devices sold around the world. 2934635 AnyCubic 3D printers were found to be vulnerable on the network.

“We would like to inform you that operational actions were taken on our part, and on March 5 we released a new firmware specially designed to eliminate the identified zero-day vulnerabilities,” reported AnyCubic.

The developers of AnyCubic explained that the company has strengthened security checks and authorization/permission management on its MQTT server, which was used by the hacker to send alerts to the 3D printers.

AnyCubic apologized for the incident but did not explain why the company ignored three emails describing the vulnerability that the white-hat hacker sent in late 2023 and early 2024.

In late February, the hacker added a hacked_machine_readme.gcode file to users’ devices; a gcode file typically contains 3D printing instructions. The file also contains a request to open source the 3D printers. “Your machine has a critical vulnerability that poses a significant security risk. It is strongly recommended to take immediate measures to prevent its potential exploitation,” the text file reads. The hacker also advises users to disconnect printers from the Internet. “It’s just an innocent message. You are by no means injured,” he writes.

According to the hacker, responsibility for the vulnerability lies with AnyCubic, whose MQTT server allows any active account holder to connect to and control the printer via the MQTT API. Also, the manufacturer ignored the hacker’s warning about the vulnerability for two months.
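The authorization gap described above (any active account can reach any printer) and the stronger permission management AnyCubic says it added can be compared in a small sketch. This is an added example, not AnyCubic's broker code: the `printers/<device_id>/cmd|status` topic layout, the account names and the device ids are all assumptions constructed for illustration.

```python
# Added illustration; topic layout, account names and device ids are constructed.
# Assumed layout: printers/<device_id>/cmd    (app -> printer)
#                 printers/<device_id>/status (printer -> app)
OWNERSHIP = {"alice": {"dev-001"}, "bob": {"dev-002", "dev-003"}}
LEAF_ACTIONS = {"cmd": {"publish"}, "status": {"subscribe"}}


def authorize_flawed(account, action, topic):
    """The failure mode described: a valid account is all that is checked."""
    return account in OWNERSHIP


def authorize(account, action, topic):
    """Default-deny check binding each topic to the device's owner."""
    levels = topic.split("/")
    if len(levels) != 3 or levels[0] != "printers":
        return False  # also rejects 'printers/#' and deeper paths
    device_id, leaf = levels[1], levels[2]
    # Refuse wildcards outright so one subscription filter can never
    # span printers that belong to other accounts.
    if "+" in topic or "#" in topic:
        return False
    if device_id not in OWNERSHIP.get(account, set()):
        return False
    return action in LEAF_ACTIONS.get(leaf, set())


def gaps(requests):
    """Requests the flawed check accepts but the owner-bound check refuses."""
    return [r for r in requests if authorize_flawed(*r) and not authorize(*r)]


SAMPLE = [  # constructed requests: (account, action, topic)
    ("alice", "publish", "printers/dev-001/cmd"),
    ("alice", "publish", "printers/dev-002/cmd"),
    ("alice", "subscribe", "printers/+/status"),
    ("alice", "subscribe", "printers/#"),
    ("bob", "subscribe", "printers/dev-003/status"),
    ("bob", "publish", "printers/dev-003/status"),
    ("mallory", "publish", "printers/dev-001/cmd"),
]

if __name__ == "__main__":
    for account, action, topic in gaps(SAMPLE):
        print(f"denied after fix: {account} {action} {topic}")
```

Running `gaps` over a broker's real connection log with both policies is a quick way to see which historical requests only succeeded because ownership was never checked.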

After the incident, AnyCubic began collecting information (account names, CN codes, device logs, and gcode files) from affected customers to diagnose the problem. The developers also disabled access to the AnyCubic program a few hours after the first reports of “hacked” printers began to appear.

AnyCubic is located in Shenzhen, China and is currently one of the most popular 3D printer brands on the market. It claims to have sold more than 3 million printers in more than 120 countries.
