Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Eugene

(62,736 posts)
Sat Jul 27, 2019, 09:19 PM Jul 2019

Ransomware crooks hit Synology NAS devices with brute-force password attacks

Source: ZDNet

Ransomware crooks hit Synology NAS devices with brute-force password attacks

Password-guessing attacks against Synology NAS devices are delivering a ransomware payload.

By Liam Tung | July 26, 2019 -- 09:01 GMT (02:01 PDT) | Topic: Security

Taiwan-headquartered storage vendor Synology is warning users to strengthen the passwords to their network attached storage (NAS) after several devices — capable of storing terabytes of data — were encrypted by ransomware.

NAS units used by home and small-business users are a juicy target for ransomware attackers, who know they're packed with valuable data, including backups of primary systems. In 2014, ransomware crooks hit thousands of Synology Diskstation devices by exploiting a flaw in the company's Linux-based DiskStation Manager that users hadn't patched. The attackers demanded 0.06 Bitcoin, then worth around $350, to regain access to files.

Synology is now warning its NAS device users that attackers recently stole device admin credentials using brute-force, or so-called dictionary attacks, where the attacker throws thousands of password combinations at a login interface.

As reported earlier this month, ransomware attackers have been targeting internet-facing NAS devices from a variety of vendors using the same methods.

Those attacks targeted NAS devices from Taiwanese vendor QNAP and delivered ransomware known as eCh0raix. But, in late July, there was a spate of reports from Synology users in an online forum that Synology devices were being encrypted with ransomware asking, once again, for 0.06 Bitcoin, now worth $583.

-snip-


Read more: https://www.zdnet.com/article/ransomware-crooks-hit-synology-nas-devices-with-brute-force-password-attacks/
Latest Discussions»Help & Search»Computer Help and Support»Ransomware crooks hit Syn...