Seagate's Central NAS boxes have proven particularly susceptible to the Miner-C malware, with Sophos claiming over 70 per cent of all internet-connected units have been infected.
Seagate's small and home office SOHO network attached storage NAS products are under attack by a cryptocurrency-mining malware dubbed Miner-C, with claims from researchers that over 70 per cent of all Seagate Central NAS devices accessible from the internet have been infected.
According to a report PDF warning published by anti-virus specialist Sophos, the Miner-C malware doesn't actively target Seagate's Central range of NAS devices; rather, a security flaw in the Seagate Central devices makes them susceptible to attack to the point where more than 70 per cent of Seagate Central NAS devices accessible from the internet have Miner-C infections present.
The flaw, Sophos claims, comes from the fact that it is impossible to delete the public share and account from the device coupled with the fact that activating remote access - a common usage scenario for a NAS box on a small office or home network - does so for all users including the anonymous public account.
The malware looks for this publicly-accessible share and writes copies of itself therein, disguised to look like a traditional Windows folder.
The malware doesn't actively run on the NAS itself; rather it sits in the share waiting for someone to accidentally execute what they believe to be a folder, then infects the Windows machine from which the NAS was accessed in order to mine the Monero cryptocurrency.