QNAP Investigating New Attacks Targeting NAS Devices

Network-attached storage (NAS) appliance manufacturer QNAP Systems says it is investigating reports of malicious attacks targeting NAS devices.

Known worldwide for its NAS and professional network video recorder (NVR) solutions, the Taiwan-based company on Friday issued two advisories to warn of a new wave of attacks targeting its users, urging them to ensure that their NAS devices are not exposed to the Internet.

In the first advisory, the company reveals it is investigating an attack campaign in which threat actors target a vulnerability in the Roon Server. The company says all QNAP NAS devices that run Roon Server 2021-02-01 and earlier might be susceptible to attacks.

Provided by Roon Labs, the Roon Server gives QNAP NAS users the full range of capabilities they would expect from a music server, including an easy way to navigate music and access to artist biographies, concert dates, lyrics, and more.

“We have already notified Roon Labs of the issue and are thoroughly investigating the case. We will release security updates and provide further information as soon as possible,” QNAP says.

In the meantime, users should make sure their NAS is not connected to the Internet and should also disable the Roon Server to ensure they are not exposed to potential attacks.

Secondly, QNAP says it’s investigating reports that NAS devices continue to be targeted with the eCh0raix ransomware.

“Devices using weak passwords may be susceptible to attack. We strongly recommend users act immediately to protect their data,” the company says.

To mitigate risks, users are advised to use strong passwords for their administrator accounts, to enable IP Access Protection to ensure accounts are protected from brute force attacks, and to avoid using default port numbers 443 and 8080.

This is not the first time QNAP NAS devices have been targeted with the eCh0raix ransomware. In April, the company warned of assaults involving the Qlocker and eCh0raix ransomware families, urging users to immediately perform detection and cleanup operations.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
