The may be even worse than expected following new claims it can be abused to amplify distributed denial of service ( ) attacks. Researchers from Akamai have claimed the attacks can have an amplification factor of 600x - for an average attack, a worrying prospect for victims everywhere. CUPS is an open-source printing system developed by for Unix-like , including Linux and macOS.

It provides a standardized way to manage print jobs and queues, supporting both local and network printers. CUPS uses the Internet Printing Protocol (IPP) as its primary protocol, allowing seamless printer discovery and job submission across networks. It also includes a web-based interface for managing printers, print jobs, and configurations.

Infinite loop CUPS was recently revealed to possess four flaws: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177, and when chained, these can allow threat actors to create fake, malicious printers, which CUPS can discover. The only thing the crooks need to do is send a specially crafted packet to trick the CUPS server. The moment a user tries to print something using this new device, a malicious command gets executed locally on their device.

Akamai’s experts, on the other hand, claim that each packet sent to flawed CUPS servers makes them generate larger IPP/HTTP requests, aiming at the targeted device. As a result, both CPU and bandwidth resources get eaten up, in classic DDoS fashion. Their research determined that there are almost 200,000 .