SafeUM

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
15 Oct 2014

Malicious worm seeks vulnerable home data stores

A malicious worm that can roam the net seeking data stored on insecure hardware has been created by a security researcher. The proof-of-concept worm was written to illustrate how vulnerable such data stores are to malicious attack.

The worm can exploit the many bugs researcher Jacob Holcomb found in popular home data storage systems. Already, he said, there was evidence cybercriminals had noticed how easy it was to exploit these data stores.

Game over

Mr Holcomb started work on the worm after carrying out a series of tests on Network Attached Storage (NAS) systems made by 10 separate manufacturers. Many people connect these devices to a home router to give family members a place to put important files such as photos and films or to act as a back-up for other gadgets. Some home routers can also connect to hard drives to turn them into an NAS-type device.

Mr Holcomb's investigation revealed 30 separate undocumented vulnerabilities in the NAS devices. Many of these, if exploited, would give an attacker complete control over a device letting them plunder the data on it, or use it as a way to get at other devices on that home network and spy on what people did online.

Most of the exploitable problems he found were in the web-based interface typically used to administer these devices. "I took the series of exploits I found and wrapped them into a software package that's in essence self-replicating," said Mr Holcomb. The worm runs on an infected system and once it has taken control uses that system's resources to scan net addresses seeking out other vulnerable devices.

If an address gives an appropriate response, it sends a series of data requests to "fingerprint" that device so it knows which vulnerabilities to try against it. "Once these devices are exposed to the internet, it's pretty much game over because most vulnerabilities can be exploited using authentication bypass techniques or with no authentication at all," he told the BBC.

Mr Holcomb is set to demonstrate how the worm works during a speech at the Black Hat Europe security conference being held in Amsterdam this week. To safeguard vulnerable hardware, he plans to run it on a closed network rather than live on the net.

Although Mr Holcomb's worm was written to demonstrate the danger these insecure data stores represent, he said there was evidence that cyber-thieves were waking up to the treasure trove of data these devices can contain.

In early 2014, a malicious program called TheMoon targeted hardware made by Linksys and in early October a malicious campaign was launched against NAS boxes made by Qnap. "These attacks are definitely becoming more widespread," said Mr Holcomb.

Information about the vulnerabilities found in NAS boxes has been passed to manufacturers, said Mr Holcomb, and many were now updating the software that controls the devices to fix the bugs. Qnap has issued an update for the firmware running on the gadgets vulnerable to the bug abused earlier this month.

Mr Holcomb said it was possible to use NAS safely if owners took some straightforward steps such as turning off unwanted features and services and ensuring the device can only be administered from within a home network rather than across the web.
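One way to check the last of those steps after the fact, shown here as an added example that is not code from the article or from Mr Holcomb: audit the NAS web server's access log for administration requests that came from outside the home network. The log format (common log format), the admin URL prefixes and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Common log format: client address, timestamp, request line, status code.
LOG_LINE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

# Assumption: URL prefixes that serve the device's administration interface.
ADMIN_PREFIXES = ("/admin", "/cgi-bin/")

# Explicit ranges that count as "inside the home network". ipaddress.is_private
# is avoided because it also covers reserved and documentation ranges.
HOME_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]

def is_home_address(addr):
    """True if addr is a loopback, link-local or private-range source."""
    ip = ipaddress.ip_address(addr)
    # Judge IPv4-mapped IPv6 (::ffff:a.b.c.d) by its embedded IPv4 address.
    ip = getattr(ip, "ipv4_mapped", None) or ip
    return any(ip in net for net in HOME_NETS)

def external_admin_requests(lines):
    """Return (source, path, status) for admin requests from outside the LAN."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or not m["path"].startswith(ADMIN_PREFIXES):
            continue
        try:
            if is_home_address(m["src"]):
                continue
        except ValueError:
            pass  # unparseable source: report it rather than trust it
        findings.append((m["src"], m["path"], int(m["status"])))
    return findings

# Constructed sample log lines; external sources use documentation addresses.
SAMPLE_LOG = [
    '192.168.1.20 - - [15/Oct/2014:09:12:01 +0000] "GET /admin/index.html HTTP/1.1" 200 5120',
    '203.0.113.45 - - [15/Oct/2014:09:13:44 +0000] "GET /cgi-bin/status.cgi HTTP/1.1" 200 310',
    '198.51.100.7 - - [15/Oct/2014:09:14:02 +0000] "POST /admin/login HTTP/1.1" 401 88',
    '203.0.113.45 - - [15/Oct/2014:09:15:10 +0000] "GET /shares/photos/ HTTP/1.1" 200 2048',
    '::ffff:10.0.0.5 - - [15/Oct/2014:09:16:00 +0000] "GET /admin/users HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for src, path, status in external_admin_requests(SAMPLE_LOG):
        print(f"external admin request: {src} {path} -> {status}")
```

Any finding, whatever its status code, means the administration interface answered a request from the internet; a 200 means it also served the page.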

Tags: NAS trends information leaks

Source: BBC