Synology NAS devices attacked by StealthWorker botnet



[ad_1]

Close-up on Synology drive
Lukmanazis / Shutterstock.com

Popular NAS maker Synology has warned its users that the StealthWorker botnet is targeting company-made devices. The ongoing brute force attack could ultimately lead to ransomware infections on some systems.

What’s going on with Synology and StealthWorker?

According to Synology’s Product Security Incident Response Team and reported by Bleeping Computer, the company has seen an increase in brute force attacks against Synology devices. He believes that the StealthWorker malware is primarily responsible for the recent attacks.

Computers infected with StealthWorker are connected to a botnet that will perform brute force attacks.

The company claims that the attacks are based on a number of devices infected with the StealthWorker malware. The StealthWorker malware uses these machines to try to guess common administrative credentials. If successful, it will install its malicious payload, which could include ransomware.

From there, additional attacks could occur on other Linux-based devices, including Synology NAS products.

Synology was quick to point out that it “has seen no indication that the malware is exploiting software vulnerabilities.” This means that there is not a software hole left by the company that is being exploited, but rather, it is the existing infections that are causing the problems.

How can you stay safe?

If you are using a Synology NAS device, it is relatively easy to stay safe from these attacks. The company recommends that all users verify that their system does not contain weak administrative credentials and modify them if necessary. This applies to both residential users and system administrators. Synology also recommends enabling automatic blocking and account protection. Finally, you should configure multi-step authentication when possible.

If you found any evidence of suspicious activity on your devices, you can contact Synology Support for further assistance.




[ad_2]

Source link