Synology Unattended Attack Warning Targeting NAS

A large-scale attack on the Synology NAS (Network Storage Device) is underway, requiring attention from users of the product.

According to a report by GDNet Korea on the 11th, the operating system for Synology NAS through various access IPs such as Japan and China as well as Korea from the afternoon of the 10th to the present
Attempts to invade “DSM” (Disk Station Manager) are continuing.

They access the page for external access and then try to access the ‘admin’ account, which is used as an administrator ID, by changing the password during the initial setup process.

If “admin” access is successful without permission from the outside, the possibility of data leakage, damage, and ransomware infection stored on the NAS increases. 토토사이트

A Synology official recommended the following attacks on Synology NAS, which have continued since the afternoon of the 10th to the present.

▶︎ Disable account ‘admin’

▶︎ Change the password of the account you are currently using to a complex one mixed with English upper and lower case letters, numbers, and special characters

▶︎ Enable ‘auto-block’ to block connections from the IP if the connection fails continuously for a certain period of time

▶︎ Change the port for connection from the default port (5000-5010) to another port

▶︎ Utilize the ‘secure sign’ function that performs two-stage authentication with an app for smartphones