XPEnology Community

I've been hacked. Running latest DSM 6.2.4-25556 Update 7 on real syno hardware


mitzone

From what it seems, the entry point was through the PhotoStation app, which was exposed to the internet.

The hacker enabled ssh, changed sshd_config to allow reverse tunnels and TCP/gateway forwarding and added a key into authorized_keys.

I'm still doing damage control; I just wanted to let you know that PhotoStation's security (which is no longer supported by Synology) is compromised.

Cheers!

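As an added example (not part of the original post and not a Synology tool), here is a small POSIX shell triage script that checks the two things the post says the intruder changed: the forwarding-related directives in sshd_config and the contents of authorized_keys. It assumes you kept a known-good copy of authorized_keys from before the exposure to compare against; the sample config and key files it writes to a temp directory are constructed for the demo, and the key blobs are placeholders, not real keys.

```shell
#!/bin/sh
# Added example: post-incident check of sshd_config forwarding directives and
# authorized_keys. All sample inputs below are constructed, not from a real NAS.

# Effective value of one sshd_config keyword, lowercased. sshd uses the FIRST
# value it reads for a keyword, so the scan stops at the first match. Match
# blocks are out of scope here: scanning stops at the first "Match" line.
# Prints "unset" when the keyword does not appear in the global section.
sshd_effective() {
  awk -v kw="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    tolower($1) == "match"  { exit }
    tolower($1) == kw       { print tolower($2); found = 1; exit }
    END { if (!found) print "unset" }' "$1"
}

# Prints "FLAG <keyword>=<value>" for each forwarding directive whose effective
# value is not "no". Defaults follow sshd_config(5): AllowTcpForwarding yes,
# GatewayPorts no, PermitTunnel no, so an unset AllowTcpForwarding is flagged.
audit_sshd_forwarding() {
  for entry in AllowTcpForwarding:yes GatewayPorts:no PermitTunnel:no; do
    name=${entry%%:*}; def=${entry#*:}
    v=$(sshd_effective "$1" "$name")
    [ "$v" = unset ] && v=$def
    [ "$v" = no ] || echo "FLAG $name=$v"
  done
}

# Prints "UNKNOWN <type> <comment>" for every key in $2 whose key blob is not
# present in the baseline file $1 (a copy of authorized_keys taken before the
# exposure). Lines with a leading option list (e.g. command="...") are handled
# by locating the key-type field; options containing spaces are not supported.
authorized_keys_unknown() {
  awk '
    function keyfield(   i) { for (i = 1; i <= NF; i++) if ($i ~ /^(ssh-|ecdsa-|sk-)/) return i; return 0 }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    { i = keyfield(); if (!i) next }
    FILENAME == ARGV[1] { known[$(i+1)] = 1; next }
    !($(i+1) in known) { c = ""; for (j = i + 2; j <= NF; j++) c = c (c == "" ? "" : " ") $j; print "UNKNOWN", $i, c }
  ' "$1" "$2"
}

# Constructed sample inputs, written to a temp dir so the script runs offline.
make_samples() {
  d=$(mktemp -d)
  cat > "$d/sshd_config.bad" <<'EOF'
# constructed: the directives an outbound reverse tunnel relies on, all enabled
Port 22
AllowTcpForwarding yes
GatewayPorts yes
PermitTunnel yes
EOF
  cat > "$d/sshd_config.good" <<'EOF'
# constructed: hardened global section; the Match block is ignored by the scan
Port 22
AllowTcpForwarding no
GatewayPorts no
PermitTunnel no
Match User backup
    AllowTcpForwarding yes
EOF
  cat > "$d/authorized_keys.baseline" <<'EOF'
ssh-ed25519 PLACEHOLDER_KEY_ADMIN admin@laptop
EOF
  cat > "$d/authorized_keys.now" <<'EOF'
ssh-ed25519 PLACEHOLDER_KEY_ADMIN admin@laptop
no-pty,command="/bin/sh" ssh-rsa PLACEHOLDER_KEY_UNKNOWN nobody@nowhere
EOF
  echo "$d"
}

SAMPLES=$(make_samples)
echo "== sshd_config.bad ==";  audit_sshd_forwarding "$SAMPLES/sshd_config.bad"
echo "== sshd_config.good =="; audit_sshd_forwarding "$SAMPLES/sshd_config.good"
echo "== authorized_keys ==";  authorized_keys_unknown "$SAMPLES/authorized_keys.baseline" "$SAMPLES/authorized_keys.now"
```

Run it against the real files (`/etc/ssh/sshd_config` and the affected account's `~/.ssh/authorized_keys`) after the sample section. Any FLAG or UNKNOWN line is something to explain or revert; on a NAS that never needs SSH tunnels, all three directives set to `no` is the expected state.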

On 9/12/2024 at 7:49 AM, smileyworld said:

Why did you still use DSM 6 and Photo Station?

Maybe the hardware does not support 7.x, or there are some older packages that do not run with 7.x. It is also often a case of not sinking time into it if it's not needed (don't fix things that are not broken), as 6.2 is still under official support, including Photo Station, until the end of the month.

https://www.synology.com/en-global/products/status/eol-dsm62

Edited by IG-88

Thanks for your offer of help. I stayed at the latest 6.x for PhotoStation and for a couple of other apps I was running on it. I'm at the latest version with everything now.

My initial post was mostly to let people know that I was stupid :) and that the latest PhotoStation version on DSM 6.x is vulnerable and there are active exploits for it in the wild.


Best to have the NAS behind a good firewall. Also disable SSH if not in use.

Use a firewall that has second-stage access porting to your NAS and the SSH/TCP/UDP ports.

Don't forget Synowedjat too. That's Synology's access backdoor to your NAS.

That runs if updates are turned on.

Photostation in general is a much better app than the new one.

There are exploits out there. Even for the new apps.

That's why a good firewall is the best thing you can have.

Nothing truly is foolproof in the world.

It's a matter of time.

The latest DSM wasn't released due to exploits.

It was only made due to the apps in DSM 6.2.4, and the licensing Synology had to pay with those and 3rd-party developers.

That's why nothing beats DSM 6.2.4 and the apps that came with it.

In fact a NAS on DSM 6.2.4 has more value than one on DSM 7.x.

As it has the better licensing for the apps.

The only problem that happened in the older DSMs is Synology decided not to support them anymore, for all the money they had to dish out for the apps to be developed for them.

And they dropped any security updates along with it.

That's why, when you install the new DSM and apps, you will see where the cost cutting really happens.

You get a lot less for sure.

Only a new interface is about it.

Surveillance Station was the main killer for Synology when this started, with the DSM updates like crazy when DSM 7 started.

The memo on why was released about 2 years ago.

But it clearly stated Synology didn't want to pay anymore for the licensing on those apps.

Now with the newer DSMs come the limitations. And a lot less.

To me, nothing beats 6.2.4.

Maybe just me.

That's why I would suggest a good firewall over anything else.

Even if you're on DSM 7.2.2.

As it's only a matter of time.

