Security News > 2021 > May > QNAP confirms Qlocker ransomware used HBS backdoor account
QNAP is advising customers to update the HBS 3 disaster recovery app to block Qlocker ransomware attacks targeting their Internet-exposed Network Attached Storage devices.
"The ransomware known as Qlocker exploits CVE-2021-28799 to attack QNAP NAS running certain versions of HBS 3," the Taiwan-based NAS appliance maker said in a security advisory issued today.
A massive Qlocker ransomware campaign started breaching QNAP NAS devices during the week of April 19, replacing victims' files with password-protected 7-zip archives.
Even though this is not the first time QNAP mentioned Qlocker exploits targeting the HBS 3 backdoor account, it is the first time the company links the flaw to the campaign's primary attack vector.
Unfortunately for QNAP customers targeted in the Qlocker ransomware campaign, this warning comes too late since the threat actors behind these attacks have already stopped the onslaught.
While Qlocker ransomware might have shut down, this is not the only ransomware currently targeting QNAP NAS devices.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-13 | CVE-2021-28799 | Unspecified vulnerability in Qnap Hybrid Backup Sync An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. | 9.8 |