Categories: NewsSecurity

Criminals Leverage SambaCry Vulnerability to Gain Backdoor Access to NAS Devices

Computers are no longer the only devices susceptible to attacks. We have seen various types of malware targeting Internet of Things devices in recent months. It now appears that there is a new SambaCry vulnerability, capable of exploiting NAS devices. These devices can easily be backdoored by this exploit.

NAS Devices Are at Risk of Getting Hacked

Many people have a NAS device somewhere at home. These Network Attached Storage devices are often used to store either videos or photos, although some people also use them to keep specific documents safe. Any hardware running older versions of the Samba file-sharing service is now susceptible to the infamous SambaCry vulnerability. Leveraging this exploit allows criminals to install a backdoor Trojan on these Linux devices.

Most people who own a NAS are well aware of how these devices often come equipped with the Samba server software. This is done to provide a convenient solution for file-sharing interoperability. In fact, most people who use a NAS to access photos and videos from their Network Attached Storage device will do so using the Samba protocol. This protocol is especially useful when using devices running different operating systems in order to access information stored on the NAS itself.

This new exploit is called SHELLBIND. It leverages the SambaCry vulnerability, which has been known to the public since late May 2017. SHELLBIND appears to affect all versions of the Samba software released since 2010. Anyone who runs Samba version 3.5.0 or higher can be affected by this exploit. The Samba team is well aware of this problem, and a security patch has been issued to address the vulnerability.

Related Post

Some people may be wondering what criminals hope to gain from leveraging this exploit. It can be used to install cryptocurrency mining software such as the EternalMiner tool, which we have discussed earlier. Additionally, with a backdoor to the NAS device opened on port 61422, there is no limit to the damage criminals could do. They could simply open a remote shell on the infected device, giving them full administrator rights.

The backdoor Trojan is designed to modify existing local firewall settings and open a TCP connection on port 61422. Once SHELLBIND successfully infiltrates a device of its choice, it sends a notification to a centralized server, which could prove to be a fatal point of weakness in the future. This allows criminals to remotely connect to the NAS and have their way with the system. Installing cryptocurrency mining software is just one possible threat.

Security researchers are mainly concerned with how SHELLBIND could be used to steal sensitive information. Even though it mainly targets NAS devices, the malware could be deployed against other IoT devices as well. Although we might never know the full scope of these attacks and what criminals may be after, data theft is still a very likely outcome. Any information obtained from NAS or IoT devices could easily be sold on the darknet, as there will always be interested parties looking to buy personal information.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

4 mins ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

35 mins ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

1 hour ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

2 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

5 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

6 hours ago