Security News > 2021 > December > QNAP NAS devices hit in surge of ech0raix ransomware attacks
Users of QNAP network-attached storage devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt.
BleepingComputer forum users managing QNAP and Synology NAS systems have been regularly reporting eCh0raix ransomware attacks but more of them started to disclose incidents around December 20.
The jump in the number of attacks is confirmed by the ID ransomware service, where submissions started to increase on December 19 and subsided towards December 26.
Regardless of the attack path, it appears that the eCh0raix ransomware actor creates a user in the administrator group, which allows them to encrypt all files on the NAS system.
BleepingComputer has seen ech0raix ransomware demands ranging from.024 to.06 bitcoins during these recent attacks.
QNAP earlier this year alerted its users of another flurry of eCh0raix attacks earlier this year, targeting devices with weak passwords.
News URL
Related news
- Romanian energy supplier Electrica hit by ransomware attack (source)
- Ransomware attack hits leading heart surgery device maker (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)
- Starbucks, Supermarkets Targeted in Ransomware Attack (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Clop ransomware claims responsibility for Cleo data theft attacks (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Ascension: Health data of 5.6 million stolen in ransomware attack (source)