Anycubic users are reporting that their 3D printers have been the target of a potential security breach. Reports on Reddit (hat tip to @dan) show that users have received a suspicious text file on their Anycubic 3D printers titled “hacked_machine_readme.” The file warns of a supposed critical vulnerability in Anycubic’s systems and urges users to take immediate action to prevent exploitation.
“Your machine has a critical vulnerability, posing a significant threat to your security. Immediate action is strongly advised to prevent potential exploitation. Feel free to disconnect your printer from the internet if you don’t wanna get hacked by a bad actor! This is just a harmless message. You have not been harmed in any way.”
The text file claims that Anycubic’s MQTT service, a popular messaging protocol used by internet-connected devices, is the source of the vulnerability. It allegedly allows access and control of connected 3D printers. Anycubic’s app was inaccessible at the time of reporting, showing a “network unavailable” error message when users attempted to log in.
In the text file, the individual responsible for the message claims to have targeted 2.9 million Anycubic 3D printers. Anycubic’s own James Ouyang stated in a 2023 interview that the company had sold a total of three million printers. However, Ouyang did not respond to requests for comment from TechCrunch.
“Disconnect your printer from the internet until Anycubic addresses this issue,” the text file reads.
For more information, read the full story on TechCrunch: