Hello,
Please I need help,
This morning I woke up and realised that my Heimdall had been edited by someone else, though I'm the only one in the house who knows Heimdall even exists.
The Application list was emptied and a new user called "plop" was created, with a picture of a group of dudes looking angry.
I've immediatly turned off my nas, and removed the network cable... and now I'm afraid to turn it back on.
I'm pretty sure that they've put that picture after collecting everything they could...
I've checked my notifications emails and saw this email at 7:36am :
The following users are locked/banned or are candidates for too many failed login attempts:
root:
When: 2023-03-27 15:22:24
Type: RHOST
Source: (an IP address that is not mine)
Valid: V
Then at 8:33 an email titles Anacron Job 'cron.daily"
Can you please tell me how severe this is for the personal data that I store on that NAS, and what should be my next steps ?
To be transparent, I'm freaking out.
Thank you so much in advance,
Warm regards,