According to Dell’s security researchers, a single piece of software, surrepitiously installed on some Synology network attached storage devices, has mined $620,000 of virtual currency Dogecoin. A vulnerability discovered in September and not patched by Synology until February allowed the hack, which installed the mining package, forcing the devices to run hot and transfer data slowly due to the load from the miner.
Dell’s SecureWorks Counter Threat Unit researcher Pat Litke wrote that “To date, this incident is the single most profitable, illegitimate mining operation. As cryptocurrencies continue to gain momentum, their popularity as a target for various malware will continue to rise.”
The CPUMiner package, and the corresponding wallet key, that was installed was traced back to Germany. Examination of the cryptocurrency’s transaction chain led to the discovery of the perpetrator being from Germany, and more than 500 million Dogecoin being harvested from the appropriated appliances.
Synology’s February patch prevents the attack, but does not eradicate the malware. Users have devised a solution, which can be found on the Synology support forums.
