If you have a device that connects to the internet on a regular basis, patch it. That’s the big-picture takeaway from today’s news of a hacker who convinced Synology DiskStations (a type of network-attached storage device) to mine more than 500 million Dogecoins for him — and made out with an estimated $620,000 in cash in the process. Much of the focus has been on the size of his haul, which may represent the largest sum of cash ever mined by unwitting dupes, but Synology got in touch with us to point out that hey — they actually patched the hole used by the hacker quite some time ago.
Synology was warned that this particular flaw existed on DiskStation Manager (DSM) 4.2 and 4.3 boxes and patched it on September 23. It sent out an update informing users of the need to update their hardware. In February, they released a patch to fix the same bug in the beta version of the DSM 5.0 OS. Since February, the company has seen a huge spike in reports and service tickets, again, primarily from users who haven’t updated their software.
No comments:
Post a Comment