Security News > 2021 > April > New QNAP NAS Flaws Exploited In Recent Ransomware Attacks - Patch It!
A new ransomware strain called "Qlocker" is targeting QNAP network attached storage devices as part of an ongoing campaign and encrypting files in password-protected 7zip archives.
In response to the ongoing attacks, the Taiwanese company has released an advisory prompting users to apply updates to QNAP NAS running Multimedia Console, Media Streaming Add-on, and HBS 3 Hybrid Backup Sync to secure the devices from any attacks.
"The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks."
CVE-2020-36195 concerns an SQL injection vulnerability in QNAP NAS running Multimedia Console or Media Streaming Add-on, successful exploitation of which could result in information disclosure.
On the other hand, CVE-2021-28799 relates to an improper authorization vulnerability affecting QNAP NAS running HBS 3 Hybrid Backup Sync that could be exploited by an attacker to log in to a device.
Since its debut in July 2019, the eCh0raix gang is known for going after QNAP storage appliances by leveraging known vulnerabilities or carrying out brute-force attacks.
News URL
Related news
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-13 | CVE-2021-28799 | Unspecified vulnerability in Qnap Hybrid Backup Sync An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. | 9.8 |
| 2021-04-17 | CVE-2020-36195 | SQL Injection vulnerability in Qnap QTS An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. | 9.8 |