Security News > 2021 > April > Files on QNAP NAS Devices Encrypted in Qlocker Ransomware Attacks
Following a wave of ransomware attacks, network-attached storage appliance manufacturer QNAP Systems says it is urgently working on finding a solution to remove malware from infected NAS devices.
The Taiwanese company, which makes both NAS and professional network video recorder solutions, has long been urging users to improve the security of their devices.
With QNAP NAS devices being targeted by ransomware families known as Qlocker and eCh0raix, the company is now advising users to download and install the latest Malware Remover version and scan their devices for any sign of infection.
The NAS manufacturer has updated the Malware Remover tool for platforms such as QTS and QuTS hero "To address the ransomware attack," and tells users they should leave their NAS devices up and running if data on them has been encrypted.
Users should also "Modify the default network port 8080 for accessing the NAS operating interface," QNAP says.
Tracked as CVE-2021-28799 and considered critical severity, the flaw can be abused by remote attackers to log into QNAP NAS devices.
News URL
Related news
- QNAP fixes NAS backup software zero-day exploited at Pwn2Own (source)
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443) (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-13 | CVE-2021-28799 | Unspecified vulnerability in Qnap Hybrid Backup Sync An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. | 9.8 |