back to article SOHOpeless Seagate NAS boxen become malware distributors

Sophos researchers say they've uncovered a malware strain that targets Seagate's network-attached storage appliances and turns them into distribution points for cryptocurrency-mining malware. Attila Marosi, a senior threat researcher, explains the attack in a document titled Cryptomining malware on NAS servers (PDF). “Attack …

  1. allthecoolshortnamesweretaken

    14-odd k per month... assuming it didn't take long and a big team to come up with a bit of code or script to look for and access public folders, probably a good ROI.

    1. Pascal Monett Silver badge

      Any time you get money by just sitting on your ass and waiting for it to roll in is very good ROI.

      Humans are terrible when it comes to realizing what they are doing. When VCRs were in all living rooms, we had the blinking 12 problem*. Now that everyone and his dog has internet access, we have the default password problem.

      Do we learn ? Nope.

      * for you younguns that never saw it : VCRs that blinked at 12:00 were the ones that their owners didn't know how to set the time and never bothered finding out. There were enough of them for the Internet to remember.

      1. Charles 9

        If I recall, that's one reason PBS channels started encoding time signals in their VBI area, so that stuff like VCRs could set themselves. Because let's face it, setting the time was similar to setting a digital watch.

      2. Warm Braw

        The early Philips VCRs had mechanical timers, much like an oven. I think, consequently, they were limited to one event. However, given the relatively short recording time and the price of tapes, it seemed they had the right balance of ergonomics to functionality.

        The real problem is that we are creatures of habit and stuffing a product with unintuitive features that most people will use once, if at all, is simply asking for them to be misused.

      3. John Geek
        Holmes

        I'd hazard to say that many of them were blinking 12:00 12:00 not because the owners were too stupid to find out how to set, but were tired of resetting it every time the power glitched, as the two-tiny-button time set procedure was incredibly tedious.

    2. AMBxx Silver badge

      probably a good ROI.

      Only for the criminals. The electricity consumed by the NAS boxes will be far greater.

  2. Doctor Syntax Silver badge

    Maybe the security was designed by their HR department. http://www.theregister.co.uk/2016/09/09/seagate_faces_suit_for_getting_phished/

  3. Infernoz Bronze badge
    Facepalm

    It is a really stupid idea for most people to make any SOHO device internet visible.

    Most people are probably not competent to manage device security for SOHO internet servers unaided, so the devices should require passing _up-to-date_ security validation checks before internet visibility can be enabled, good luck finding this in most NAS firmware/OS!

    My FreeNAS is only rarely configured for secure internet visibility and has configured user, group and client device security to stop LAN based abuse.

    For outside use, a Portable WiFi HD (like the 1TB one ALDI sold on Sunday) is probably less risky and can be configure to use WPA2 only and a secure WPA2 password.

    1. Charles 9

      Re: It is a really stupid idea for most people to make any SOHO device internet visible.

      It may be stupid, but it's what the customers demand, so you can't win. If you don't do it, you don't get any business and someone else just rises up and fills the demand, hook or crook. As a comedian once said, "You can't fix Stupid."

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like