Slashdot Mirror

← Back to Stories (view on slashdot.org)

DVRs Used To Attack Synology Disk Stations and Mine Bitcoin

Posted by Unknown on from the dvr-burned-the-house-down dept.

UnderAttack (311872) writes "The SANS Internet Storm Center got an interesting story about how some of the devices scanning its honeypot turned out to be infected DVRs. These DVRs are commonly used to record footage from security cameras, and likely got infected themselves due to weak default passwords (12345). Now they are being turned into bots (but weren't they bots before that?) and are used to scan for Synology Disk Stations who are vulnerable. In addition, these DVRs now also run a copy of a bitcoin miner. Interestingly, all of this malware is compiled for ARM CPUs, so this is not a case of standard x86 exploits that happen to hit an embedded system/device."

4 of 75 comments (clear)

  1. Why is anyone surprised... by TWX · · Score: 4, Insightful

    ...by this?

    I'm more surprised that we haven't seen reports of infected DVD and Blu-ray players whose only purpose is to seek out more powerful devices (PCs, smartphones) on peoples' networks to compromise and turn into bitcoin zombies. After all, it only takes a few people to come up with the exploits in the first place, and then 5kr1p7 k1dd13s can use the tools others have created.

    --
    Do not look into laser with remaining eye.
    1. Re:Why is anyone surprised... by fuzzyfuzzyfungus · · Score: 4, Insightful

      If memory serves, most of Synology's non-intel NASes are Marvell based. Marvell's fastest device, in terms of general compute, is the MV78460. 4 cores, ARMv7, up to 1.6GHz. As documented here most Synology NASes ship with something slower than that.

      For reference, a 1.6GHz 'Kirkwood' Marvell core is good for slightly under .2 meghashes/s. About half as fast as an Atom CPU, less than 1/4000th as fast as an AMD7970, and just plain embarassing compared to the ASICs that do most of the work these days. With devices that run on USB power alone pulling north of 1gighash/s, you could probably own every Synology ARM NAS in the first world and barely pay yourself for your time.

    2. Re:Why is anyone surprised... by Pope · · Score: 4, Informative

      Synology's firmware is updated p. regularly in my few month's experience of owning a DiskStation.

      --
      It doesn't mean much now, it's built for the future.
  2. Much better this year by AuMatar · · Score: 5, Funny

    This april fools is believable.

    --
    I still have more fans than freaks. WTF is wrong with you people?