Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Files on QNAP NAS Devices Encrypted in Qlocker Ransomware Attacks

Following a wave of ransomware attacks, network-attached storage (NAS) appliance manufacturer QNAP Systems says it is urgently working on finding a solution to remove malware from infected NAS devices.

Following a wave of ransomware attacks, network-attached storage (NAS) appliance manufacturer QNAP Systems says it is urgently working on finding a solution to remove malware from infected NAS devices.

The Taiwanese company, which makes both NAS and professional network video recorder (NVR) solutions, has long been urging users to improve the security of their devices.

With QNAP NAS devices being targeted by ransomware families known as Qlocker and eCh0raix, the company is now advising users to download and install the latest Malware Remover version and scan their devices for any sign of infection.

The NAS manufacturer has updated the Malware Remover tool for platforms such as QTS and QuTS hero “to address the ransomware attack,” and tells users they should leave their NAS devices up and running if data on them has been encrypted.

Even unaffected users should run the latest Malware Remover version, as a precautionary measure. Users should also “modify the default network port 8080 for accessing the NAS operating interface,” QNAP says.

Furthermore, the company recommends updating the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest versions.

The HBS 3 Hybrid Backup Sync application was updated on Thursday to address an improper authorization vulnerability. Tracked as CVE-2021-28799 and considered critical severity, the flaw can be abused by remote attackers to log into QNAP NAS devices.

Bleeping Computer reported that CVE-2021-28799 and CVE-2020-36195, a vulnerability that was patched last week, have been exploited in the Qlocker attacks.

Advertisement. Scroll to continue reading.

Related: Exploit Released for Critical Vulnerability Affecting QNAP NAS Devices

Related: Unpatched RCE Flaws Affect Tens of Thousands of QNAP SOHO NAS Devices

Related: QNAP Warns NAS Users of ‘dovecat’ Malware Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...