All you folks using Synology NAS systems, here’s a malware and hacking alert. As per the reliable resources, a hacker named ‘Foila’ is infecting Synology network attached storage devices with Dogecoin mining malware. He has so far earned over $600,000 by this practice and is specifically targeting newly installed devices.
Dell Secureworks researchers have confirmed this news and have also endorsed the news that the hacker has succeeded in earning a good amount of currency from the activity. Dell Secureworks researcher also told to the press conference that the operation took place during the first months of this year and the hacker is still trialing down the weak devices on network in order to use their computing power to generate Dogecoins, a type of crypto currency.
The whole earning procedure takes place as follows- With the use of a CPU or a GPU, one can solve cryptographic problems as part of crypto currency systems and this activity is called as mining. Those who performed it will typically use their systems and are automatically rewarded by the system with units of the same currency.
The hacking reports of Synology NAS started to appear online, when almost 52 Synology NAS users started to post online that their device’s GPU/CPU usage was too high and the performance was getting sluggish day by day. Synology NAS systems have a Linux based operating system called as DiskStation Manager developed by Taiwan based manufacturer.
Almost, all the users tracked the high usage of CPU/GPU to an unauthorized app called PWNED running on their device. This application turned out to be a custom version of cryptocurrency mining program called CPUMiner specifically compiled for Synology DSM operating system.
After the analysis of this rogue program, security researchers found that this notorious program was configured to mine Dogecoin, a P2P cyptocurrency similar to that of a Bitcoin that was launched in the last month of 2013.
Dell Secureworks analysts identified that this rogue program creator has succeeded in mining over 500 million DogeCoins, worth $620,000 mostly during the months of Jan and Feb 2014. There is enough evidence that the hacker is still on the prowl of weak devices on the internet and has infected most of the synology NAS stations with this mining malware.
After learning about this hacking activity in Feb 2014, Synology immediately reacted and released a security firmware update to all its devices.
But the latest reports suggest that the update has failed to isolate the said company devices from the mass attacks of hackers and online criminals. And in the past couple of years, several security experts have suggested that attackers are shifting their focus from desktop apps to other networked devices such as smart phones & such NAS devices due to the fact that they are plagued by basic vulnerabilities and can be easily compromised.
Hope, Synology comes up with a foolproof solution this time and isolates its users from such prying eyes.
storageservers.wordpress.com 