Crypto-mining malware is making a comeback

Next story


If you need somewhere to backup your photos, videos and precious documents, but don’t want to mess around with the cloud, you might consider a NAS drive. But how secure are they?

After a few years on the backburner, coin mining is making a huge come-back as hackers infect Seagate NAS devices with cryptocurrency mining malware. Hackers are planting malware on Seagate (and other) NAS devices, in order to mine a minor cryptocurrency. Mark James, ESET IT Security Specialist , gives us an idea of how and why these devices are being targeted.


Why are hackers targeting this device?


“Hackers are always on the lookout for new and opportunistic ways to target devices and technology.

“This is often driven by consumer use, but the need for additional storage plagues everyone. The ‘cloud’ is always an option of course, but users like the idea of keeping storage local with options to backup offsite.

“NAS drives are becoming more popular and affordable, but sadly people will often fail to change default logins or passwords in an attempt to use its native “plug and play” attraction.

“This leads to a problem that may present itself wide open for malware, looking to sit and spread itself through public folders on these devices. Once the device presents itself to the web, the malware is able to utilise default access logins to enable itself to infect as many devices as possible.”


Are NAS devices horrendously insecure and why don't manufacturers do more to secure these devices?


“Only due to the fact they offer public access by default, users like to access their data from everywhere. A NAS drive could enable the average user to share their data to friends and family with little effort or cost.

“The problem the manufacturers have is making it as easy as possible to achieve this goal, without causing too many setup headaches.”


What should people/organisations do to mitigate these attacks while waiting for a patch?


“The first task on your list should be to review and modify any default passwords, and ensure the latest firmware and software has been installed. You should also check your user permissions are as restrictive as you need them to be; if you’re not going to offer public access for either usage or configuration, then turn off public and or remote access.”

Do you own a NAS drive? Were you aware of the risk your devices and data are in? Let us know on Twitter @ESETUK

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.