Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Files on QNAP NAS Devices Encrypted in Qlocker Ransomware Attacks

Following a wave of ransomware attacks, network-attached storage (NAS) appliance manufacturer QNAP Systems says it is urgently working on finding a solution to remove malware from infected NAS devices.

Following a wave of ransomware attacks, network-attached storage (NAS) appliance manufacturer QNAP Systems says it is urgently working on finding a solution to remove malware from infected NAS devices.

The Taiwanese company, which makes both NAS and professional network video recorder (NVR) solutions, has long been urging users to improve the security of their devices.

With QNAP NAS devices being targeted by ransomware families known as Qlocker and eCh0raix, the company is now advising users to download and install the latest Malware Remover version and scan their devices for any sign of infection.

The NAS manufacturer has updated the Malware Remover tool for platforms such as QTS and QuTS hero “to address the ransomware attack,” and tells users they should leave their NAS devices up and running if data on them has been encrypted.

Even unaffected users should run the latest Malware Remover version, as a precautionary measure. Users should also “modify the default network port 8080 for accessing the NAS operating interface,” QNAP says.

Furthermore, the company recommends updating the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest versions.

The HBS 3 Hybrid Backup Sync application was updated on Thursday to address an improper authorization vulnerability. Tracked as CVE-2021-28799 and considered critical severity, the flaw can be abused by remote attackers to log into QNAP NAS devices.

Bleeping Computer reported that CVE-2021-28799 and CVE-2020-36195, a vulnerability that was patched last week, have been exploited in the Qlocker attacks.

Advertisement. Scroll to continue reading.

Related: Exploit Released for Critical Vulnerability Affecting QNAP NAS Devices

Related: Unpatched RCE Flaws Affect Tens of Thousands of QNAP SOHO NAS Devices

Related: QNAP Warns NAS Users of ‘dovecat’ Malware Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

Jill Passalacqua has been appointed Chief Legal Officer at autonomous security solutions provider Horizon3.ai.

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

More People On The Move

Expert Insights