Urgent Notification about TNAS being Attacked by Ransomware

Official announcements and latest news, awards from media, and success stories.
NavinKanus
Posts: 1
Joined: 13 Jan 2022, 11:02

Re: Urgent Notification about TNAS being Attacked by Ransomware

Post by NavinKanus »

What do you say about the Python script, TM?

I am hoping you now found the vulnerability, which looks like it is extremely easy to hack any of your NAS devices.

So stop saying that it is our password and start accepting that it is your TOS that has a big hole in it.
REBELinBLUE
Posts: 29
Joined: 05 Dec 2021, 06:37

Post by REBELinBLUE »

The TOS PHP scripts are encoded with something like Zend Guard so can't see what they do wrong :(
Charlie_Croker
Posts: 105
Joined: 07 Oct 2020, 19:05

Post by Charlie_Croker »

REBELinBLUE wrote:
> https://thatsn0tmy.site/posts/2021/12/h ... mmon-rces/ found this write
> up, this is just terrible

Bloody hell that's bad news. I note that it's dated December 2021. So looks like it's being exploited. TM, this needs to be fixed ASAP or reinstalling the NAS will just lead to a further issue with people's data.
@TMRoy, we need to know what TM's plans are?

Post by NavinKanus »

Wow, that was not hard. The write up clearly explains the whole exploit.

Hoping TM now knows what went wrong.

FIX IT TM, right now!

Post by REBELinBLUE »

As a PHP Engineering Team Lead, there are quite a few things in this code which would be a no-no!

function __construct()
{
    global $in, $config, $db, $L;
    ...


Globals are always a sign of bad design... That would automatically disqualify any candidate 😂

Post by Charlie_Croker »

I have now pulled the plug on my TM, no way can this kind of S@£$ security be in any way excused. This is sloppy and shows no sign of any security audits, no sign of penetration testing on quality control. I know TM is at the budget end of the NAS market, but this is not acceptable, you are storing people's data (and in many cases their irreplaceable data). I was prepared to give TM the benefit of the doubt, but not for this.
Still I suppose we can now expect lots of pictures of Pugs! :(

Post by NavinKanus »

I don't think TM is going to respond now. The evidence is out. They made a huge mistake with their quality control, especially in the security part of the product.

Open Source development is always going to be a problem unless the developers have strong knowledge of security.

Post by REBELinBLUE »

NavinKanus wrote:
> Open Source development is always going to be a problem unless the
> developers have strong knowledge of security.

The thing is TOS isn't open source, arguably if it were this would have been found sooner and by someone who wasn't looking to exploit it (not saying the person who posted that blog is responsible for exploiting it but they certainly make it sound like that was their intention and it doesn't sound like they reported it to TerraMaster before disclosing it publicly).

One of the first things I did when I got mine and noticed it was running PHP was pretty much the same as this guy, except when I found out the PHP files were encoded I gave up as I wasn't interested enough to try and reverse engineer them; I'm sure there are many people who are the same; so instead it was left to someone more determined to find actual exploits, either for bad purposes or to make a name for themselves rather than just the people who use the software and are interested in the workings of it.
TMroy
TerraMaster Team
Posts: 2578
Joined: 10 Mar 2020, 14:04
China

Post by TMroy »

Already passed this info to the tech team, I believe that they will have a patch soon for such an issue.
To contact our team, please send an email to the following addresses, remember to replace (at) with @:
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)