BEWARE! Malware Is Infecting Synology NAS Devices!

If you own a Synology NAS (network attached storage) Device, you should be aware that a botnet called SteathWorker is targeting these NAS devices to infect them with malware that can lead to ransomware attacks. Synology has posted a security advisory on its website that has more details. But in short, here’s the part that you should pay attention to:

These attacks leverage a number of already infected devices to try and guess common administrative credentials, and if successful, will access the system to install its malicious payload, which may include ransomware. Devices infected may carry out additional attacks on other Linux based devices, including Synology NAS.

Synology also has this document that details how to defend yourself against these attacks. This too is a must read. But here are the key points from that document:

  • Use a complex and strong password, and Apply password strength rules to all users.
  • Create a new account in the administrator group and disable the system default “admin” account.
  • Enable Auto Block in Control Panel to block IP addresses with too many failed login attempts.
  • Run Security Advisor to make sure there is no weak password in the system.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: