photo credit: Don Hankins

It’s unbelievable but true: a hacker mined 500 million Dogecoin by hacking into NAS boxes manufactured by Synology! The Dogecoins are worth USD 200,000! Using a botnet of infected devices, the hacker directed their combined computing power to a private pool that was mining Dogecoin and generated about 500 million Dogecoin between January and April this year.

Secureworks uncovered the issue. An investigator found a process named PWNED and reported it to Synology in February. If the process had not been named as such, the hack would not have been as obvious upon closer inspection. In a blog post, Secureworks said:

Tracking a threat actor is frequently a wild goose chase that leads down many rabbit holes. In this case, we started our investigation by looking at the username found in the configuration file “foilo.root3”. Scouring Google brought back several interesting results, namely the threat actor’s Github and BitBucket account. In browsing through some of the hacker’s publicly available code, it becomes quite clear that “Foilo” is not new to the world of exploitation and malware.

By correlating some of the strings found in other configurations posted around the net (as this breach was coming to light), coupled with his BitBucket page, the findings strongly indicate that the threat actor is of German descent.

At the Synology Forums, affected consumers can now find instructions on how to patch the hijack and exploit on their devices.

