DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
August 21, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 77 people online.

 

Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin
 

Follow us
RSS
 

Cryptocurrency mining malware found on 70% of Seagate Central NAS devices

Posted on Monday, September 12 2016 @ 14:21:52 CEST by


Seagate logo
Security researchers discovered that about 70 percent of all Seagate Central NAS devices connected to the Internet are infected with Mal/Miner-C (also known as PhotoMiner), a piece of malware that uses infected systems to mine for the Monero cryptocurrency.

The Seagate Central NAS has a public folder that can't be deactivated or deleted, and is accessible to all users, even anonymous users. The Miner-C malware abuses this design flaw to spread itself to the public folder on all Seagate Central NAS devices it can find by scanning the Internet for potential victims.

The next step of the attack vector is to trick the user into installing the malware. This is done by placing "Photo.scr" in the public folder, this is a script that malware coders have modified to use a standard Windows folder icon.

By default, Windows hides most file extensions so when a Seagate Central NAS device owner explores the public folder chances are high their curiosity will be peaked by this fake Photo folder. When the user clicks on the script, the cryptocurrency miner is installed on their PC.

Seagate Miner C

Sophos security researchers discovered that of the around 7,000 Seagate Central NAS devices connected to the Internet, about 5,000 are infected with Miner-C. Because the Monero account information is stored in the malware's configuration file, the researchers were able to calculate that these cybercriminals have made over $86,400 from the operations and are responsible for 2.5 percent of the entire Monero mining activity.

As Softpedia reports, one of the big worries here is that users have no way to protect their device without completely disabling remote access:
The quandary is that Seagate Central owners have no way to protect their device. Turning off the remote access NAS feature can prevent the infection, but also means they lose the ability to access the device from a remote location, one of the reasons they purchased the hard drive in the first place.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba