Security News > 2021 > August > Synology warns of malware infecting NAS devices with ransomware

Synology warns of malware infecting NAS devices with ransomware
2021-08-09 13:12

Taiwan-based NAS maker Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage devices in ongoing brute-force attacks that lead to ransomware infections.

According to Synology's PSIRT, Synology NAS devices compromised in these attacks are later used in further attempts to breach more Linux systems.

Synology is working on notifying all potentially impacted customers of these ongoing attacks targeting their NAS devices.

Synology provides more information on defending your NAS device against ransomware infections here.

Once deployed on a compromised machine, the malware creates scheduled tasks on both Windows and Linux to gain persistence and, as Synology, warned deploys second-stage malware payloads, including ransomware.

While the NAS maker didn't issue a security advisory, customers reported in January that they had their devices infected with Dovecat Bitcoin cryptojacking malware [1, 2] starting with November 2020, in a campaign that also targeted QNAP NAS devices.


News URL

https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Synology 69 32 131 49 24 236