Recently discovered vulnerabilities referred to as “Faxploit” allow hackers to enter corporate computer networks and compromise critical data.
Attackers are able to send malformed fax images containing code that exploits the fax machine and allows them to install their own code to take over the fax machine.
Most modern day fax solutions require a network connection to either e-mail or save faxes to a network folder, this connection to the corporate data network allows the attacker to deploy other well-known hacking tools that can scan the local network and compromise unsecure devices. As most organizations publicize their fax numbers, attackers can use Faxploit to target almost any organization.
As the attacks come in direct through phone lines and not the internet this makes preventing the attack extremely difficult. Most security software and services today target internet based attacks.
Watch this less than 2 minute video recorded by Check Point for a demonstration on how the fax machine exploits a computer network:
