Synology NAS Remotely Hacked To Mine $620K In DogeCoin

by
Anonymous Coward
in security on (#3PA)
story imageFrom ThreatPost via Soylent-not-a-food-trademark-infringing-site, a single criminal hacker planted trojans on Synology NAS units around the world and managed to use the little boxes to mine $620,000 worth of "DogeCoin", the cuter version of the BitCoin "virtual currency".

This, much more than the SuperMicro vulnerability, tells me I'm living in strange new times indeed. A home network-storage appliance used over the Internet to create wealth out of nothing but electricity running some decryption code. These are concepts that just didn't even exist a short time ago.

Had the hacker been just a little more conservative in resource utilization, the scheme may have gone undiscovered for much longer. The jig was up only after Synology users complained about performance to tech support! (Clearly, no one, anywhere, ever checks their router and firewall logs for unusual destinations).

I find this interesting as I had just been reading Ars Technica's new writeup of DIY NAS solutions as alternatives to the expensive fixed purpose NAS devices (some interesting alternatives mentioned in the comments there).

Re: But Why Not Just Windows? (Score: 3, Informative)

by pete@pipedot.org on 2014-06-21 14:19 (#27M)

my guess is that its a better target than windows due to lack of scrutiny - windows gets much attention on the virus/malware front, and thus the likelyhood of it being found sooner (plus heuristics - it only has to look like its mining or being sketchy to get flagged, even if it hasnt been seen or previously identified in the wild.) Perfect example being that nobody noticed anything except slow device speed - this could have gone undetected for years if the hacker were more careful. security through obscurity, right?

theres also a chance they bet that the synology team were not capable of noticing, diagnosing or fixing the malware. many devices these days get rare-to-nil firmware updates, even fewer people ensure they are actually applied, and its a beautiful hole to your internal network for other uses.
Post Comment
Subject
Comment
Captcha
The 2nd number from 29, fifteen, 5, 14 and seven is?