Security News > 2021 > December > QNAP NAS devices hit in surge of ech0raix ransomware attacks
Users of QNAP network-attached storage devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt.
BleepingComputer forum users managing QNAP and Synology NAS systems have been regularly reporting eCh0raix ransomware attacks but more of them started to disclose incidents around December 20.
The jump in the number of attacks is confirmed by the ID ransomware service, where submissions started to increase on December 19 and subsided towards December 26.
Regardless of the attack path, it appears that the eCh0raix ransomware actor creates a user in the administrator group, which allows them to encrypt all files on the NAS system.
BleepingComputer has seen ech0raix ransomware demands ranging from.024 to.06 bitcoins during these recent attacks.
QNAP earlier this year alerted its users of another flurry of eCh0raix attacks earlier this year, targeting devices with weak passwords.
News URL
Related news
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks (source)