Hacked Synology NAS systems used in big-profit cryptocurrency mining scheme

News

By Lucian Constantin

June 16, 2014 03:46 PM ET

IDG News Service - A hacker exploited publicly known vulnerabilities to install malware on network-attached storage systems manufactured by Synology and used their computing power to generate Dogecoins, a type of cryptocurrency.

The operation took place during the first months of the year and is likely the most profitable of its kind to date, earning the attacker over US$600,000 according to a recent analysis by researchers from Dell SecureWorks.

Using CPUs and GPUs to solve cryptographic problems as part of cryptocurrency systems is an activity referred to as mining. Those who perform it -- typically using their own systems -- are automatically rewarded by the system with units or subunits of that respective currency.

At the beginning of February reports started appearing online from users complaining about sluggish performance and high CPU usage on their Synology NAS systems, which have a Linux-based operating system called DiskStation Manager (DSM) developed by the Taiwan-based manufacturer.

The problems were tracked to an unauthorized application running on affected systems from a directory called PWNED that turned out to be a custom version of a cryptocurrency mining program called CPUMiner specifically compiled for Synology's DSM OS, the Dell SecureWorks researchers said Friday in a blog post.

An analysis of the rogue program showed that it had been configured to mine Dogecoin, a peer-to-peer cryptocurrency similar to Bitcoin that was launched in December 2013.

The Dell SecureWorks researchers identified two electronic wallet addresses associated with the rogue mining activity and determined that their owner had mined over 500 million Dogecoins, worth about $620,000, mostly during January and February.

Read this article:
Hacked Synology NAS systems used in big-profit cryptocurrency mining scheme