jensmander Posted August 9, 2021 Share #1 Posted August 9, 2021 Synology PSIRT (Product Security Incident Response Team) has recently seen and received reports on an increase in brute-force attacks against Synology devices. Synology's security researchers believe the botnet is primarily driven by a malware family called "StealthWorker." At present, Synology PSIRT has seen no indication of the malware exploiting any software vulnerabilities. More information and security advises: https://www.synology.com/en-global/company/news/article/BruteForce/Synology® Investigates Ongoing Brute-Force Attacks From Botnet 3 Quote Link to comment Share on other sites More sharing options...
SnowDrifter Posted August 10, 2021 Share #2 Posted August 10, 2021 Yep can confirm. Had an unusual uptick in failed login attempts. Reminder to: - Disable default admin account - Carefully prune permissions - Enforce strong passwords - Enable login blocking + geographic blacklists - Use 2fa, especially on admin accounts - Have another backup of your data 1 Quote Link to comment Share on other sites More sharing options...
Dfds Posted August 10, 2021 Share #3 Posted August 10, 2021 I would also suggest changing the default “5000” & “5001” ports to something different. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.