- Joined
- Oct 9, 2007
- Messages
- 46,386 (7.67/day)
- Location
- Hyderabad, India
| System Name | RBMK-1000 |
|---|---|
| Processor | AMD Ryzen 7 5700G |
| Motherboard | ASUS ROG Strix B450-E Gaming |
| Cooling | DeepCool Gammax L240 V2 |
| Memory | 2x 8GB G.Skill Sniper X |
| Video Card(s) | Palit GeForce RTX 2080 SUPER GameRock |
| Storage | Western Digital Black NVMe 512GB |
| Display(s) | BenQ 1440p 60 Hz 27-inch |
| Case | Corsair Carbide 100R |
| Audio Device(s) | ASUS SupremeFX S1220A |
| Power Supply | Cooler Master MWE Gold 650W |
| Mouse | ASUS ROG Strix Impact |
| Keyboard | Gamdias Hermes E2 |
| Software | Windows 11 Pro |
Synology PSIRT (Product Security Incident Response Team) has recently seen and received reports on an increase in brute-force attacks against Synology devices. Synology's security researchers believe the botnet is primarily driven by a malware family called "StealthWorker." At present, Synology PSIRT has seen no indication of the malware exploiting any software vulnerabilities.
These attacks leverage a number of already infected devices to try and guess common administrative credentials, and if successful, will access the system to install its malicious payload, which may include ransomware. Devices infected may carry out additional attacks on other Linux based devices, including Synology NAS.
Synology PSIRT is working with relevant CERT organizations to find out more about and shut down known C&C (command and control) servers behind the malware. Synology is simultaneously notifying potentially affected customers.
Synology strongly advises all system administrators to examine their systems for weak administrative credentials, to enable auto block and account protection, and set up multi-step authentication where applicable.
System administrators that have found suspicious activity on their devices should reach out to Synology technical support immediately.
View at TechPowerUp Main Site
These attacks leverage a number of already infected devices to try and guess common administrative credentials, and if successful, will access the system to install its malicious payload, which may include ransomware. Devices infected may carry out additional attacks on other Linux based devices, including Synology NAS.
Synology PSIRT is working with relevant CERT organizations to find out more about and shut down known C&C (command and control) servers behind the malware. Synology is simultaneously notifying potentially affected customers.
Synology strongly advises all system administrators to examine their systems for weak administrative credentials, to enable auto block and account protection, and set up multi-step authentication where applicable.
System administrators that have found suspicious activity on their devices should reach out to Synology technical support immediately.
View at TechPowerUp Main Site
