A proof-of-concept worm that can hunt network attached storage (NAS) devices has been created by a security researcher. According to Tech World, the worm can target devices created by three different manufacturers.
Jacob Holcomb discovered that NAS devices from 10 manufacturers were “all susceptible to root compromise”, and that half of those did not need authentication. From there, he built a proof-of-concept worm, demonstrated at the Black Hat Europe security conference in Amsterdam, that can infect the Western Digital MyCloud EX4, TRENDnet TN-200/TN-200T1 and D-LINK DNS-345 devices automatically by “exploiting command injection and authentication bypass vulnerabilities,” explains TechWorld, adding that “as far as he knows are still unpatched.”
Proof-of-concept worm can attack network attached storage
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.