News

Anycubic Security Breach: A Cautionary Tale on Cloud-Connected Printers

Posted on by Tim Hoogland

Greetings TH3D Family,

In recent days, the 3D printing community has been abuzz with reports of a concerning security breach involving Anycubic, a prominent player in the 3D printing industry. While we’re always excited to see advancements in technology, incidents like these remind us of the importance of maintaining a cautious approach, especially when it comes to cloud-connected devices.

LCD message from the hack (from Mr_0verwrite via Reddit)

According to a wave of online reports from Anycubic customers, individuals have experienced unauthorized access to their 3D printers, accompanied by alarming messages highlighting potential security vulnerabilities. The message, often appearing as a file named “hacked_machine_readme.gcode,” serves as a stark reminder of the potential risks associated with internet-connected printers.

Contents of the GCODE file on the printers. (from lilputman via Reddit)

The file, when accessed, alerts users to a critical security flaw, urging immediate action to mitigate potential exploitation. It alleges that Anycubic’s MQTT service API, designed for communication between devices and servers, has been compromised, allowing unauthorized access to affected printers.

While Anycubic has yet to issue an official statement regarding this incident, the severity of the situation is not to be underestimated. As a community, we must prioritize security and take proactive measures to safeguard our equipment and data.

To our valued community members who may be affected by this breach, we urge you to take immediate action. Disconnect your printer from the internet until Anycubic addresses and patches this issue. Additionally, we encourage you to report any incidents and provide relevant information to assist in resolving this matter swiftly.

Incidents like these serve as a stark reminder of why we advocate for caution, especially concerning cloud-connected 3D printers. At TH3D Studio, we prioritize the security and privacy of our customers, and while the allure of connectivity may be enticing, the potential risks outweigh the benefits.

We stand with the affected users and hope for a swift resolution to this security breach. In the meantime, let us remain vigilant and proactive in safeguarding our equipment and data.

For those impacted, Anycubic has provided a Google Form to report any instances of hacking or unauthorized access: Report Form

Stay safe, stay vigilant, and happy printing.

Sincerely,
Tim Hoogland

Sources:

  1. TechCrunch – Anycubic users’ 3D printers hacked, warning issued
  2. BleepingComputer – Anycubic 3D printers hacked worldwide to expose security flaw
  3. Klipper Discourse Group – Printer CFG for Anycubic Kobra 2 Plus Pro Max
  4. Reddit – Hacked Printer
Avatar photo
Tim Hoogland

Leave a Reply

SHARE YOUR CART