Cryptocurrency Mining Malware Discovered Targeting Seagate NAS Hard Drives

Found on Softpedia on Sunday, 11 September 2016

According to Sophos, Seagate Central devices contain a public folder accessible to all users, even anonymous non-logged-in users, which can't be deactivated or deleted.

One of the files it copies is called Photo.scr, a script file that malware coders have modified to use a standard Windows folder icon.

Because Windows has a bad habit of hiding file extensions, whenever the device owner accesses their NAS, they see this file as a folder, fooled by the fake icon.

That's why the end user should have all options available, and sane default settings. Enforcing public shares with read/write permissions on any network connected device is just as retarded as hiding file extensions by default.

Browse all articles« Previous « » Next »