Malware targets DVRs and Synology NAS to mine bitcoin

Malware that aims at infecting computers and turning them into bitcoin miners isn’t something new. However, a new piece of malware has surfaced that aims to turn hardware you might not think of getting infected into bitcoin mining drones. A new report has found a malware that infects DVRs. One of the binaries in the malware is D72BNr and the bitcoin mining portion of the malware is mzkk8g.

The malware binaries have been discovered after reports last week that some hosts that were scanning for port 5000 on networks were actually DVRs. These aren’t the kind of DVRs that you have in your living room mind you. These DVRs are the sort that are used to record digital video from surveillance cameras.

Investigation into the malware and its code is ongoing right now. The source of the compromise is believed to be an exposed Telnet port inside the DVR and default passwords that weren’t changed. Other tidbits about the malware that are known now include that it is an ARM binary, so it is attacking devices. The malware also specifically scans for Synology network attached storage devices that are exposed on port 5000.

Researchers that discovered the malware say that for now the software is scanning for vulnerable devices. They believe that an exploit taking advantage of those vulnerable devices will come later. Malware that seeks to turn devices and systems into bitcoin miners aren’t likely to stop any time soon. The virtual currency has lots of real world value for single coins.

SOURCE: SlashDot and ISC.sans.edu