Synology closes leak that secretly allowed mining of bitcoins on NAS

By releasing a software update for its NAS systems, Synology has patched a vulnerability that allowed attackers to secretly mine bitcoins on the device. Users complained that certain processes used up their computing power.

The conscious update for NAS systems that run on Synology’s DiskStation Manager software was announced in an email to users, of which Tweaker marcel87 has put a screenshot online. The software has now appeared in the download center on the Synology site. In the changelog, the creator states that the update removes malware from the systems that may have previously been acquired by a security vulnerability. Specific processes such as minerd and various PWNED variants are mentioned.

Last week, it emerged that Synology’s NAS systems are susceptible to malware that accumulates bitcoins in the background. Incidentally, the software would also search for login details and passwords. The issues were identified after users reported experiencing slow NAS. Shortly afterwards, the manufacturer indicated that it was investigating the problems. The problems are in version 4.x of the DiskStation Manager software that Synology has developed for its NAS systems.