Ongoing brute-force attacks against Synology devices


Recommended Posts

Synology PSIRT (Product Security Incident Response Team) has recently seen and received reports on an increase in brute-force attacks against Synology devices. Synology's security researchers believe the botnet is primarily driven by a malware family called "StealthWorker." At present, Synology PSIRT has seen no indication of the malware exploiting any software vulnerabilities. 

 

More information and security advises:

 

https://www.synology.com/en-global/company/news/article/BruteForce/Synology® Investigates Ongoing Brute-Force Attacks From Botnet

  • Like 3
Link to post
Share on other sites
  • jensmander changed the title to Ongoing brute-force attacks against Synology devices

Yep can confirm. Had an unusual uptick in failed login attempts.

Reminder to:

- Disable default admin account

- Carefully prune permissions

- Enforce strong passwords

- Enable login blocking + geographic blacklists

- Use 2fa, especially on admin accounts

- Have another backup of your data

  • Like 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.