Connect with us

Hi, what are you looking for?


Data Protection

Storage Maker QNAP Warns of Malware Targeting Its NAS Devices

Network-attached Storage (NAS) device maker QNAP has published a security advisory to alert of malware targeting its NAS devices. 

Network-attached Storage (NAS) device maker QNAP has published a security advisory to alert of malware targeting its NAS devices. 

Rated High severity, the alert reveals that some QNAP storage appliances are affected by a recently reported malicious program, but doesn’t offer details on which products are impacted. 

“A recently reported malware is known to affect QNAP NAS devices. We are currently analyzing the malware and will provide the solution as soon as possible,” reads the advisory from the Taiwanese company. 

QNAP NAS customers are advised to manually update Malware Remover to the latest version, to make sure the QTS software running on the device is up to date, and to also update all applications on storage devices. 

The advisory also provides customers with information on how to update the Malware Remover, QTS, and the applications on the NAS, but offers little in terms of information regarding the malware affecting these devices. 

For several weeks, users took it to the QNAP NAS Community Forum to complain about issues with their devices, but the company only appears to have started an investigation into the issue last week, following an article on The Register. 

Infected devices apparently make a large number of requests to IP address 

Advertisement. Scroll to continue reading.

Users posting on the forum report that the most common issues they observed included firmware and antivirus failing update checks, and inability to install the Malware Remover. Some say that even the manual installation fails. 

QNAP has apparently updated the Malware Remover script and users who run the latest version should be able to clear the infection. 

Malware targeting QNAP NAS appliances isn’t new. In fact, the company’s storage devices have been among those targeted by the VPNFilter attack that hit a critical infrastructure organization in Ukraine last year.

Related: VPNFilter Targets More Devices Than Initially Thought

Related: Critical Vulnerabilities Patched in QNAP Storage Devices

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.