QNAP this week warned users of attacks targeting QNAP NAS (network-attached storage) devices with a piece of malware named “dovecat.”
The networking and storage solutions provider says it has received reports from users who had their devices infected with the malware, and, after analyzing the attacks, discovered that the use of weak passwords on Internet-connected devices was the root cause of infection.
The cybercriminals behind dovecat, QNAP explains, are installing Bitcoin miners on the compromised NAS devices, without user consent.
In a November 2020 knowledgebase article, the company pointed out that users of any NAS model series can detect potential compromise by looking for a dovecat process running on their devices.
At the time, the company also encouraged users to report all identified infections, and to ensure that they are running the latest versions of the NAS firmware and Malware Remover.
This week, the company also urged users to update the QTS operating system to the latest version, install Security Counselor and execute it with Intermediate Security Policy (or above), install a firewall, and enable Network Access Protection, so that accounts are protected from brute force attacks.
Furthermore, users should make sure that strong administrative passwords are set on their devices, and that any SSH and Telnet services that are not in use are disabled, along with any other unused services and apps.
QNAP also tells users they should avoid using default port numbers (such as 80, 443, 8080, and 8081), and encourages them to enhance the security of their NAS devices by following best practices that the company has already detailed.
“These actions can further enhance NAS security and make it harder for dovecat to enter your QNAP NAS,” the company says, adding that it is focused on developing a solution that will help users remove the dovecat malware from the infected devices.
Related: QNAP Issues Advisory on Zerologon Vulnerability
Related: Hackers Are Targeting a Three-Year Old Vulnerability in QNAP NAS Devices
Related: US, UK Warn of Malware Targeting QNAP NAS Devices
Related: Vulnerabilities Exposed Hundreds of Thousands of QNAP NAS Devices to Attacks
More from Ionut Arghire
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data
- Legit Security Raises $40 Million in Series B Financing
- Atlassian Security Updates Patch High-Severity Vulnerabilities
- Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks
- Tor-Based Drug Marketplace Piilopuoti Shut Down by Law Enforcement
Latest News
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
