Today's synology DSM update

[mentaluproar]

Am I the only one amused by today's DSM update?

Exceptionally high CPU usage detected in Resource Monitor:
CPU resource occupied by processes such as dhcp.pid, minerd, synodns, PWNED, PWNEDb, PWNEDg, PWNEDm, or any processes with PWNED in their names
Appearance of non-Synology folder:
An automatically created shared folder with the name “startup”, or a non-Synology folder appearing under the path of “/root/PWNED”
Redirection of the Web Station:
“Index.php” is redirected to an unexpected page
Appearance of non-Synology CGI program:
Files with meaningless names exist under the path of “/usr/syno/synoman”
Appearance of non-Synology script file:
Non-Synology script files, such as “S99p.sh”, appear under the path of “/usr/syno/etc/rc.d”

 

[maflynn]

Given what you see, I'd say it looks more like malware then an official update.

 

[mentaluproar]

That's what I was thinking. Looking at the synology website gives a clearer picture.

Version: 4.3-3827

(2014/2/14)
Change Log

This update repairs the system and removes malware caused by past system vulnerabilities (CVE-2013-6955, CVE-2013-6987).
The compatibility of SMB 2 file service has been enhanced when transferring files to Mac OS X 10.9.
Fixed an issue where SFTP service would consume excessive memory when it was enabled.
This update is required to continue using QuickConnect & Push Service notifications.