Security News > 2021 > April > New QNAP NAS Flaws Exploited In Recent Ransomware Attacks - Patch It!
A new ransomware strain called "Qlocker" is targeting QNAP network attached storage devices as part of an ongoing campaign and encrypting files in password-protected 7zip archives.
In response to the ongoing attacks, the Taiwanese company has released an advisory prompting users to apply updates to QNAP NAS running Multimedia Console, Media Streaming Add-on, and HBS 3 Hybrid Backup Sync to secure the devices from any attacks.
"The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks."
CVE-2020-36195 concerns an SQL injection vulnerability in QNAP NAS running Multimedia Console or Media Streaming Add-on, successful exploitation of which could result in information disclosure.
On the other hand, CVE-2021-28799 relates to an improper authorization vulnerability affecting QNAP NAS running HBS 3 Hybrid Backup Sync that could be exploited by an attacker to log in to a device.
Since its debut in July 2019, the eCh0raix gang is known for going after QNAP storage appliances by leveraging known vulnerabilities or carrying out brute-force attacks.
News URL
Related news
- Lessons from a Ransomware Attack against the British Library (source)
- Jackson County in state of emergency after ransomware attack (source)
- Panera Bread week-long IT outage caused by ransomware attack (source)
- The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack (source)
- How can the energy sector bolster its resilience to ransomware attacks? (source)
- The Drop in Ransomware Attacks in 2024 and What it Means (source)
- Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (source)
- Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks (source)
- Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks (source)
- Daixin ransomware gang claims attack on Omni Hotels (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-13 | CVE-2021-28799 | Unspecified vulnerability in Qnap Hybrid Backup Sync An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. | 9.8 |
| 2021-04-17 | CVE-2020-36195 | SQL Injection vulnerability in Qnap QTS An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. | 7.5 |