Hacker Exploits NSA Vulnerability to mine Dogecoin
Dogecoin hacked, Hacker Exploits NSA Vulnerability to mine Dogecoin, Hacker Hijacks Synology NAS Boxes for Dogecoin Mining Operation, Reaping Half Million Dollars in Two Months - See more at: http://www.secureworks.com/resources/blog/hacker-hijacks-synology-nas-boxes-for-dogecoin-mining-operation-reaping-half-million-dollars-in-two-months, hacking bitcoin, hackers mined bitcoin
published the details of the attack. Researcher have discussed four vulnerability in the Synology boxes’ DiskStation Manager Linux-based operating system. The bugs were reported last September and patched in February.
Between Feb. 1 and May 9, scans for port 5000, the same port on which Synology NAS boxes listen, rose to unprecedented levels, the SANS Internet Storm Center said.
“Ultimately, it was discovered that the cause of the excessive resource consumption was due to illegitimate software that had infected the systems, which ironically, was stored in a folder labeled ‘PWNED,’”
Firstly the bug was reported on September 2013 by a researcher Andrea Fabrizi. The bugs ranged from a remote file download issue, where authenticated users were allowed to download any file including password files owned by other DSM users, to a command-injection vulnerability, and two issues that led to partial remote content downloads.
Researcher have found the 'Pwned' folder on the compromised system and it didn't take them long to figure out that the hackers were mining cryptocurrency. The attacker had dropped CPUMiner malware that had been tweaked for Synology NAS hardware. The malware opened a backdoor and connected over port 8332 to a remote server
The digital wallet address was unknown on public mining pools. After that researcher have got some of the evidence cryptocurrency blockchain in a code string, as well as the botmaster’s public key that matched a particular Dogecoin wallet.
After exploring the deep investigation on the address they have found the approx value of 500 million mined Dogecoins. And this was the totally a sum of $620,496 USD, and this was earned just in two moths.