Weaver uses CSRF to issue the PostScript commands over Port 9100 to print ASCII-based art he created, according to Jeremiah Grossman, CTO of WhiteHat Security in his blog post. Network printers typically receive print jobs via Port 9100.
"The end result is that by visiting a Web site on the Internet, you could end up sending printer spam to your printer without even knowing that anything happened," Weaver writes in his paper about the hack. "Since most printers dont have any security set, it is possible to print anything, control the printer, change the print settings and even send faxes."
How do you protect your printer from such an attack? For starters, Weaver says to make sure it has an administrative password. Then consider restricting access each printer, so that it can only execute jobs sent from a centralized print server.
Kelly Jackson Higgins, Senior Editor, Dark Reading