a day ago
Windows Warning Issued As Printers Used In New Hack Attacks
Hackers are using printers to attack Windows devices.
Nobody should be surprised by now at the ingenuity of threat actors looking to hack your accounts and devices. I have recently reported on how SMS attackers can strike without knowing your phone number using the SMS Blaster machine, a smartwatch can be used to hack even highly secure air-gapped networks, and even Windows secure boot protections can be bypassed. What might come as a surprise, however, is the news that a new and ongoing hack attack campaign is enlisting the help of your printer to hack your Windows systems. Here's what you need to know.
Windows Users Warned As Microsoft 365 Direct Send Hackers Deploy Printers To Attack
A new report by the Varonis Managed Data Detection and Response Forensics team has confirmed an ongoing threat campaign, already known to have targeted at least 70 organizations, the vast majority of which are based in the U.S., using on-premises devices such as printers to exploit a poorly known Microsoft 365 feature to deploy the Windows hacking attack.
That feature is Direct Send, allowing devices such as printers and scanners to send email without any authentication. I mean, what could possibly go wrong? Quite a lot, as it happens. 'Threat actors are abusing the feature to spoof internal users and deliver phishing emails without ever needing to compromise an account,' Tom Barnea, a forensics specialist at Varonis, said.
The as yet unnamed hackers used this Microsoft 365 Direct Send function in order to target predominantly U.S. organizations with malicious messages that are 'subject to less scrutiny compared to standard inbound email,' according to Barnea. The Varonis investigation has concluded that the ongoing threat campaign appears to have started in May 2025, with a level of 'consistent activity over the past two months.'
Mitigating The Windows Printer Attack
To mitigate the Microsoft 365 Direct Send attacks, Varonis recommends organizations do the following:
Microsoft, meanwhile, said that most Microsoft 365 and Windows customers don't need to use the Direct Send feature, and it is working on an option to disable it by default to protect customers. 'We recommend Direct Send only for advanced customers willing to take on the responsibilities of email server admins,' Microsoft concluded.
