StealthWorker botnet is targeting network-attached storage device manufacturer Synology. Attackers are using stolen admin credentials in brute force attacks to target larger number of systems. Synology is warning customers that the infected devices may carry out additional attacks on other Linux-based devices, including Synology NAS The company has begun notifying potentially affected customers and is working in collaboration with CERTs to crack down on the command-and-control servers operating the malware. NAS devices are today being used for collaboration and centralized storage and therefore being exposed to the internet.”]
Source: https://www.cuinfosecurity.com/synology-nas-devices-targeted-by-stealthworker-botnet-a-17261