Zero-Day Hacks Hit Synology & QNAP β How to Protect Your NAS NOW
DIGIBITE
@digibiteAbout
We run the NAScompares.com channel as our main hub for NAS enthusiasts. There is more content than days in the week, so we also run this other channel that focuses more on fun things you can do with your NAS and other tech, featuring little fun projects. If you have an idea of a tech topic we should make videos about, send an email to [email protected].
Latest Posts
Video Description
In this video, I break down the latest results from a major zero-day hacking competition in Ireland, where multiple NAS devices from Synology and QNAP were successfully compromised. From stack overflow exploits to hardcoded backdoors, attackers earned tens of thousands of dollars exploiting real-world vulnerabilities in devices many of us use every day. I walk through each successful hack, which NAS models were affected, and exactly what actions you should take right now to protect your NAS. https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://nascompares.com/news/pwn2own-ireland-2025-synology-and-qnap-devices-hacked-for-over-335000/ π Shopping List (Affiliate Links) β’ Synology DS925+ NAS: https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://www.amazon.com/s?k=Synology+DS925%2B&linkCode=ll2&tag=dbite_yt-20 β’ QNAP TS-453E NAS: https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://www.amazon.com/s?k=QNAP+TS-453E&linkCode=ll2&tag=dbite_yt-20 β’ QNAP QHora-322 Router: https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://www.amazon.com/s?k=QNAP+QHora-322&linkCode=ll2&tag=dbite_yt-20 β’ TP-Link Managed VLAN Switch: https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://www.amazon.com/s?k=tp-link+vlan+switch&linkCode=ll2&tag=dbite_yt-20 β’ TailScale VPN (Free Tool): https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://tailscale.com/ Support Us Patreon: https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://www.patreon.com/NAScompares Ko-Fi: https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://ko-fi.com/nascompares Other ways to support: https://nascompares.com/link.php?ref=https://youtu.be/zOvE_HgUf4s&u=https://nascompares.com/support-nas-passion/ π© Contact for review samples or brand collaboration: [email protected] Chapter Timestamps 00:00 β Intro: Zero-day hacking competition overview 00:20 β Synology & QNAP sent devices for testing 00:36 β Why this is serious: no patches yet 00:55 β QNAP TS-453E and QHora router vulnerability scope 01:32 β Synology: BeeStation, DS925+, DP Series, IP Camera 02:08 β Where to see full list of hacked devices 02:28 β BeeStation hacked using stack overflow ($40K) 02:50 β How to protect: No port forwarding, use VPN 03:07 β VLAN explanation and isolation from IOT 03:59 β DS925+ exploited using 2-bug combo ($20K) 04:34 β Remove third-party apps or isolate them 05:12 β Recap: How to secure DSM-based NAS 05:48 β DP Series exploit and firewall rules 06:26 β Synology IP camera vulnerable to known bug 07:03 β Never connect IP cameras to the internet 07:25 β QNAP QHora router exploited via 8 bugs ($100K) 07:45 β Why router security is hardest to manage 08:27 β TS-453E string bag attack, multiple root exploits 09:05 β Code injection bug used by CIC Tech ($20K) 09:25 β Known bugs reused: why werenβt they patched? 09:47 β Hardcoded credentials in 2025? Still? 10:22 β QNAP backdoor risk and isolation advice 10:43 β Final recap of all attacks 11:00 β Printers, cameras, and other devices are also targets 11:20 β Secure your network now β patches will take months 11:38 β Who will fix things first: Synology or QNAP? 11:53 β Outro: Stay safe, secure your NAS
No Recommendations Found
No products were found for the selected channel.