Taiwan-based vendor Synology has warned customers that the StealthWorker botnet is conducting brute-force attacks in an attempt to implant ransomware.
Once compromised the device, threat actors employed it in a botnet used in attacks aimed at Linux systems, including Synology NAS.
The vendor reporting its findings with relevant CERTs and is working with them to dismantle the C&C (command and control) infrastructure behind the malware. Synology is also notifying affected customers.
The Taiwanese company urges its customers to enable multi-factor authentication where available, enable auto block and account protection, and to use string administrative credentials.
