Businesses in the US and abroad are being spammed with ‘antiwork’ manifestos delivered through receipt printers by hackers who are prompting workers to unionize, refuse ‘poverty wages,’ and ask for more pay.
‘ARE YOU BEING UNDERPAID? You have a protected LEGAL RIGHT to discuss your pay with your coworkers. POVERTY WAGES only exist because people are ‘willing to work for them,’ read one of the messages in a print receipt.
The receipts directed workers to the r/antiwork subreddit, an online forum where users participate, comment and share their ‘antiwork’ and anti-capitalist sentiments – and strike for better work conditions.
The subreddit has since gained momentum, with users sharing their own theories about the messages printed on receipts.
Although many ventured to suggest that the pictures have been posted by people who have direct access to the printers instead of hackers, a cybersecurity analyst told VICE that network traffic going to insecure receipt printers indicates one or more hackers are indeed behind the attack.
Workers on Twitter and Reddit have posted several pictures showing the rebellious ‘anti-work’ message that alleged hackers are sending through their workplaces’ receipt printers
The receipts directed workers to the r/antiwork subreddit, an online forum where users participate, comment, and share their ‘antiwork’ and anti-capitalist sentiments – and strike for better work conditions
According to its description on the platform, the r/antiwork subreddit is a place for those ‘who want to end work, are curious about ending work, want to get the most out of work-free life…and want personal help with their own jobs/work-related struggles.’
‘Which one of you is doing this because it’s hilarious,’ a Reddit user who claimed that a message had been printed at his job, wrote on Reddit on Tuesday. ‘Me and my coworker need answers.’
One of the messages reportedly printed in a receipt read: ‘RIDDLE ME THIS. How can McDonald’s in Denmark manage to pay their staff $22 an hour and still sell a Big Mac for less than in America? Answer: UNIONS! Did you know it is a rather simple task to organize an UNION?’
Other receipts posted on Reddit, advised workers to ask for a minimum wage of $25 ‘or walk.’
‘TIME IS YOUR MOST VALUABLE ASSET Not only can you never obtain any more of it. you don’t even know how much you have to begin with. Why are you selling your time for SO LITTLE? Join the ”$25 OR WALK” movement!’ a receipt read.
The r/antiwork subreddit has since gained influence, with thousands of new users participating in the forum daily.
Receipts posted on Reddit advised workers to ask for a minimum wage of $25 ‘or walk’
Andrew Morris, the founder of cybersecurity firm Greynoise, told VICE, that his company had actually monitored traffic going to insecure receipt printers
While some believe it is a coordinated strategy by workers with access to the printers who have taken over to gain notability across the internet, others say that ‘hackers’ behind the subversive messages.
Andrew Morris, the founder of cybersecurity firm Greynoise, told VICE, that his company had actually monitored traffic going to insecure receipt printers.
Morris said the messages appear to have been sent indiscriminately.
‘Someone is using a similar technique as ‘mass scanning’ to massively blast raw TCP data directly to printer services across the internet,’ he said. ‘Basically to every single device that has port TCP 9100 open and prints a pre-written document that references /r/antiwork with some workers rights/counter capitalist messaging.’
Morris said that the person or people behind the attack are sending the message from 25 different servers, making it hard for businesses to just block one IP address.
Morris said that the person or people behind the attack are sending the message from 25 different servers, making it hard for businesses to just block one IP address
More than a thousand printers are exposed, he added.
Reddit user beachcamp added that receipt and label printers commonly used at businesses are connected to the internet and often have poor security, becoming easy targets for hackers.
‘What this means is that with a bit of know-how, a motivated person can send print jobs to them [printers] saying whatever they wish,’ they wrote.
Other users mentioned that people in the subreddit had been ‘joking’ about using the print systems for months, so the incident did not come as a surprise.
In 2020, cybersecurity experts at CyberNews hijacked almost 28,000 unsecured printers worldwide to highlight how easy it is to hack them, and how pivotal antivirus, antimalware, and VPNs are in securing devices against potential attacks.
Of the 50,000 devices they intended to hack, 27,944 were successfully accessed.
‘Taking this percentage into account, we can presume that out of 800,000 internet-connected printers across the world, at least 447,000 are unsecured,’ the website concluded.
While some found the measure used by ‘antiwork’ hackers intrusive, others on Reddit agreed that the message delivered justified the means.
‘I’ve received about 4 different messages at random times over the last week at work. Very inspiring, encouraging, and fun to see my [boss’] face when he has to rip them off the printer,’ a user wrote.