Synology has identified an attack campaign against its network-attached storage (NAS) devices. The attack is spearheaded by a malware family called StealthWorker. The malware is trying to compromise devices by logging in using weak or common credentials. Compromised devices will try to carry out additional attacks against other Linux devices, including other Synology NAS devices. Users have been advised to change their credentials if they are weak, and to set up multi-step authentication as soon as possible so that, even if attackers somehow get ahold of valid credentials, they encounter another layer of security.”]