Security News > 2021 > May > QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day
QNAP warns customers of an actively exploited Roon Server zero-day bug and eCh0raix ransomware attacks targeting their Network Attached Storage devices.
"The eCh0raix ransomware has been reported to affect QNAP NAS devices," the company said.
While QNAP doesn't mention how many reports it received from users directly affected by eCh0raix ransomware in the last weeks, BleepingComputer has seen an uptick in attack reports on the highly active eCh0raix support topic.
Today, although not making a direct connection with the eCh0raix attacks, QNAP also warned of an actively exploited zero-day vulnerability impacting Roon Labs' Roon Server 2021-02-01 and earlier versions.
The company recommends disabling the Roon Server music server and not exposing the NAS on the Internet to protect it from these active attacks until Roon Labs provides a security update.
A massive Qlocker ransomware campaign also hit QNAP devices starting mid-April, with the threat actors behind the attacks making $260,000 in just five days by remotely encrypting data using the 7zip archive program.
News URL
Related news
- UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack (source)
- McLaren hospitals disruption linked to INC ransomware attack (source)
- “Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days (source)
- FBI disrupts the Dispossessor ransomware operation, seizes servers (source)
- FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- Microsoft fixes 6 zero-days under active attack (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)