
Malware Infects 70% of Seagate Central NAS Drives, Earns $86,400 (softpedia.com) 98

An anonymous Slashdot reader writes: A new malware family has infected over 70% of all Seagate Central NAS devices connected to the Internet. The malware, named Miner-C or PhotoMiner, uses these hard-drives as an intermediary point to infect connected PCs and install software that mines for the Monero cryptocurrency... The crooks made over $86,000 from Monero mining so far.

The hard drives are easy to infect because Seagate does not allow users to delete or deactivate a certain "shared" folder when the device is exposed to the Internet. Over 5,000 Seagate Central NAS devices are currently infected.

Researchers estimate the malware is now responsible for 2.5% of all mining activity for the Monero cryptocurrency, according to the article. "The quandary is that Seagate Central owners have no way to protect their device. Turning off the remote access NAS feature can prevent the infection, but also means they lose the ability to access the device from a remote location, one of the reasons they purchased the hard drive in the first place."

  • Put an un-updatable OS on a harddrive, Brilliant!

    • Re: Silly Suits (Score:4, Informative)

      by Anonymous Coward on Sunday September 11, 2016 @09:32AM (#52865589)

      There's a culture of insecurity at Seagate's NAS unit.

      Some years ago, we (not a security or IT firm) reported some issues with their web interface. Basically there was a public (no authentication needed) PHP script in the directory used to serve the web admin interface which ran arbitrary commands from the URI as wheel. That could be used to reset the admin password, load and run arbitrary code, load an entire hostile OS for the NAS, etc.

      Support didn't understand the issue, and security ignored it as being too difficult to exploit in practice. We soon pointed out to Seagate and some friendly media that there were hundreds of these exploitable Seagate NAS boxes indexed on Google, including organizations working in charitable and vulnerable sectors, and that we would be contacting Seagate's customers about the issue.

      They still didn't admit that there was an issue, but their next 'firmware' update addresses the issue by requiring a password to run arbitrary commands from the URI. The password was the same for all devices and was stored in a plaintext file in the same publicly accessible directory.

      We stopped using Seagate products altogether after that experience.
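
A defender's check for the two flaws the comment above describes (request input reaching command execution, and a password kept in plaintext inside a served directory). This is an added example, not part of the original thread and not Seagate code; the regex heuristics, file names and sample tree are constructed assumptions.

```python
import re
from pathlib import Path

# PHP functions that pass a string to the OS (function names are case-insensitive).
EXEC = r"(?<!\w)(?i:system|exec|shell_exec|passthru|popen|proc_open)\s*\("
# Request-controlled sources, including the raw URI the comment mentions.
TAINT = (r"(?:\$_(?:GET|POST|REQUEST|COOKIE)\b"
         r"|\$_SERVER\s*\[\s*['\"](?:REQUEST_URI|QUERY_STRING|PATH_INFO)['\"])")
DIRECT = re.compile(EXEC + r"[^;]*" + TAINT)
ASSIGN = re.compile(r"(\$\w+)\s*=(?!=)[^;]*" + TAINT)
SECRET = re.compile(r"^\s*(?:pass(?:word|wd)?|secret)\s*[:=]\s*\S+", re.I | re.M)
STATIC_EXT = {".txt", ".ini", ".conf", ".cfg", ".bak", ".inc"}

def audit_webroot(root):
    """Return sorted (relative_path, finding) pairs for files under root."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        text = path.read_text(errors="replace")
        rel = path.relative_to(root).as_posix()
        ext = path.suffix.lower()
        if ext == ".php":
            # Variables assigned from request input count as tainted too.
            tainted = {m.group(1) for m in ASSIGN.finditer(text)}
            via_var = any(re.search(EXEC + r"[^;]*" + re.escape(v) + r"\b", text)
                          for v in tainted)
            if DIRECT.search(text) or via_var:
                findings.append((rel, "request input reaches command execution"))
        elif ext in STATIC_EXT and SECRET.search(text):
            # A static file here is readable by anyone who can fetch its URL.
            findings.append((rel, "plaintext credential in served directory"))
    return sorted(findings)

def build_sample(root):
    """Write a constructed sample tree (not taken from any real firmware)."""
    files = {
        "admin/diag.php": "<?php $c = $_SERVER['QUERY_STRING']; system($c); ?>",
        "admin/run.php": "<?php if ($_GET['pw'] === $stored) { passthru($_GET['cmd']); } ?>",
        "admin/status.php": "<?php echo shell_exec('uptime'); ?>",
        "admin/pw.txt": "password=example-only\n",
        "admin/readme.txt": "Firmware notes\n",
    }
    for rel, body in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)
```

The password-gated `run.php` is still reported: a gate whose secret is shared across devices and readable from the same directory does not change the finding.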

  • by damn_registrars ( 1103043 ) <damn.registrars@gmail.com> on Saturday September 10, 2016 @10:14PM (#52864429) Homepage Journal
    The worst part of the story is that the HDD is made by Seagate and won't last more than 13 months regardless. The users think they bought a good network drive, until they go to retrieve their files and discover the drive has already bought the farm.
    • ... the HDD is made by Seagate and won't last more than 13 months regardless

      I have a Seagate 250GB PATA drive in my MythTV system for the OS and recordings. It was installed in 2007 and has been running 24x7 w/o any issues.

    • It is 2016. Who uses mechanical disks anymore?

      I own a Seagate drive which still works. Reason being is it is for storage and not booting or running apps. I read files every once in a while for linked folders for my VMs which never stresses it that keeps it alive.

      The only people who use mechanical disks or for storage. Not running apps or booting here in 2016 so I think they are irrelevant

    • Most of Seagate's poor reputation is due to a couple bad drive models from around 2010. Their current lineup has above-average reliability (WD's is worse).

      I've actually been steering people away from WD drives lately. They've started adding very aggressive head parking timeouts to their firmware. So far, I know all their laptop drives and their 3.5" green drives are affected. I'm starting to suspect their 3.5" blue drives are as well. The drive's built-in firmware will park the heads after about 10
  • BUILD your own NAS (Score:5, Informative)

    by stikves ( 127823 ) on Saturday September 10, 2016 @10:18PM (#52864443) Homepage

    It is not difficult to set up http://www.freenas.org/ [freenas.org] on a small server machine, and benefit from FreeBSD security with no (known) backdoor accounts. If you're really serious get a proper NAS motherboard with ECC RAM (if you're not using ECC RAM, then it means you're not very serious with your data anyways), which won't cost you more than $500 with the case and the PSU.

    Of course if you're unable or unwilling to secure your box, accept that anything on the Internet is wide open, and buy (rent) online storage from Amazon, Box, or somewhere similar. Amazon gives free unlimited backup account with prime (which is around $99)

    • by jtmach ( 958490 ) on Sunday September 11, 2016 @12:45AM (#52864773)

      Amazon gives free unlimited backup account with prime (which is around $99)

      I checked on this because it sounded too good. Here's what I found.

      Your Amazon Prime membership comes with Amazon Prime Photos, unlimited photo storage and 5 GB for videos, music, and other files.

      Unlimited backup of any files is $60 a year.

    • That depends, there's an incredibly large amount of media that will tolerate a flipped bit. There are a large number of solutions out there to checksum and recover corrupted data. The odds of an ECC error causing disk corruption are quite low. To be honest there's a lot of things I would look at before throwing out everything just to get some ECC RAM.

      Speaking of throwing everything out, no need to go balls out with freenas and dedicated machines. Installing Seattle or owncloud would be a good stop gap for p

      • by NotAPK ( 4529127 )

        This article [zdnet.com] suggests that ECC should be used more than it is. Since yes, a single bit error won't matter at all to an MP3 or a movie file, single bit errors can ruin JPEG files pretty easily, or corrupt a Word document. The point is you don't get to choose where the error will occur, so you have to assume it will happen in the worst possible place. There is a reason ZFS systems should have ECC memory [freenas.org].

        • by Mashiki ( 184564 )

          The reality is ECC vs non ECC is basically a speed and price point issue for most people. If you're doing something that's absolutely critical and you can't afford the possibility of any type of RAM corruption screwing things over for you, then ECC is the way to go. Anything else? You're looking at easily 1/3 or 1/8th the price(depending on where you live) for non-ECC vs ECC and more capacity. On top of that with speed? Parity checksums within current ram configurations are good enough whether it be fo

          • You're looking at easily 1/3 or 1/8th the price(depending on where you live) for non-ECC vs ECC and more capacity.

            Where I live ECC costs about 30% more than non-ECC, and with RAM prices being so low these days, this is more than affordable for the extra safety ECC brings.

            The bigger issue is with the cost of motherboards and CPUs which support ECC.

            • by Mashiki ( 184564 )

              The bigger issue is with the cost of motherboards and CPUs which support ECC.

              Not bad on the prices, better than around here. Sad I can remember when ECC support on motherboards and CPUs was pretty much standard. But if you're looking Intel, anything higher than the Haswell architecture supports it and on the AMD side all AM2 and AM3 processors except APUs support it (if I'm remembering right).

        • The reason ZFS should have ECC memory is the same reason as your former line that you "assume the worst". ZFS does not need ECC memory any more than any other file system. The point is that ZFS with its ultimate of data integrity can only ensure this integrity 100% if you use ECC. This is similar to a swiss cheese model used in industry to prevent an undesirable event. Each is a new mitigation. Only with every mitigation in place do you have perfect coverage, that does not mean that every single person ne

    • "won't cost you more than $500 with the case and the PSU."

      If drives and your time are free.

      "Amazon gives free unlimited backup account with prime (which is around $99)"

      If all you have to back up are pictures.

      • by dbIII ( 701233 )

        If drives and your time are free.

        It's a distro where you pretty well just tick boxes you want and get something that works out the other end. No mucking about with driver disks so in a lot of cases much easier than installing MS Windows.
        Other people already put in the time and drives are a lot closer to free than they used to be.

    • by Mashiki ( 184564 )

      Not even so much. I think the cost of the last one I built was $50, because I needed a power supply. Everything else was from components which were sitting around, old intel e5300 for the CPU. Free ECC ram from a company going out of business. Bunch of 1T-2TB drives leftover from upgrades, old case laying around. Motherboard had onboard video but it was flaky, so I slapped in an old PCI videocard, 20 minutes to set up. Got ambitious a few years ago and picked up a couple of PCI SATA drive controllers th

  • Are there no laws to force electronic manufacturers to fix these devices, in the same way that other manufacturers are forced to fix faults? Cyber security is supposed to be really important now with important people forming important committees and yet insecure devices are being sold, not fixed and not recalled even after manufacturers have been informed of their failings.

    It seems rather lopsided when a hacker is sent to jail for poking holes in an insecure voting website but Seagate can just throw their

  • https://blog.filippo.io/so-i-l... [filippo.io]

    TL;DR: jump to Chapter IV
  • by ctrl-alt-canc ( 977108 ) on Sunday September 11, 2016 @08:48AM (#52865493)
    I was considering that, after all, they earned (ahem...) up to now "only" 86,400 USD. To do this probably more than one person was involved, so halving as a minimum the income for each person taking part in the dirty work. Since by doing this these people demonstrated some good programming and organizing skills, why didn't they put their skills to good use working as a consultant or starting a software company? I know, you have to deal with IRS, balances, maybe PHBs, and all the bureaucracy that affects good companies. On the other side, if you get caught your work is rapidly destroyed, and if identified you get a fine, maybe some jail or probation time, and you are known forever as a bad guy. Is it really worth it?
