An Anycubic update on the topic can be found here.
3D printing specialist Anycubic has been confronted with a serious security incident in recent days. As the company admitted, a vulnerability in the cloud platform’s MQTT server was exploited to send commands to networked 3D printers.
According to initial findings, over 2,000 Kobra 2 series 3D printers connected to Anycubic Cloud received instructions to download a file from a third-party server and display it under the name “hacked_machine_readme.gcode”. Anycubic confirmed that a total of 237 printers were indeed affected and had received the file.
“We take full responsibility for this incident and sincerely apologize to our customers for the delayed response,” the company stated. A user had already alerted Anycubic to the security vulnerability on February 26, 2024.
Firmware update and countermeasures
In an initial response, Anycubic strengthened the security measures on the cloud servers and the verification process for data retrieval. A firmware update for the affected 3D printer series is to be distributed over-the-air (OTA) from March 5, 2024 and will close security gaps.
In addition, the manufacturer has announced that it will revise the network segmentation to prevent unauthorized access to the services. Regular audits and updates of all systems and the MQTT server software are also planned.
For the time being, Anycubic advises users who find the file “hacked_machine_readme.gcode” on the printer or a USB stick to delete it manually. Although it is harmless, it indicates that the device has been misused for remote control. Anyone who feels unsettled by the incident can also simply deactivate the printer’s WLAN connection.
Subscribe to our Newsletter
3DPresso is a weekly newsletter that links to the most exciting global stories from the 3D printing and additive manufacturing industry.
