Security News > 2020 > July > QSnatch Data-Stealing Malware Infected Over 62,000 QNAP NAS Devices
Called QSnatch, the data-stealing malware is said to have compromised 62,000 devices since reports emerged last October, with a high degree of infection in Western Europe and North America.
"All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes," the US Cybersecurity and Infrastructure Security Agency and the UK's National Cyber Security Centre said in the alert.
The mode of compromise, i.e., the infection vector, still remains unclear, but CISA and NCSC said the first campaign likely began in 2014 and continued till mid-2017 before intensifying over the last few months to infect about 7,600 devices in the US and approximately 3,900 devices in the UK. Over 7,000 NAS devices were targeted with the malware in Germany alone, according to the German Computer Emergency Response Team as of October 2019.
The malware gains persistence by preventing updates from getting installed on the infected QNAP device, which is done by "Redirecting core domain names used by the NAS to local out-of-date versions so updates can never be installed."
"Verify that you purchased QNAP devices from reputable sources," CISA and NCSC suggested as part of additional mitigation against QSnatch.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/e35LebcDVDQ/qnap-nas-malware-attack.html