Security News > 2021 > December > QNAP NAS devices hit in surge of ech0raix ransomware attacks
Users of QNAP network-attached storage devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt.
BleepingComputer forum users managing QNAP and Synology NAS systems have been regularly reporting eCh0raix ransomware attacks but more of them started to disclose incidents around December 20.
The jump in the number of attacks is confirmed by the ID ransomware service, where submissions started to increase on December 19 and subsided towards December 26.
Regardless of the attack path, it appears that the eCh0raix ransomware actor creates a user in the administrator group, which allows them to encrypt all files on the NAS system.
BleepingComputer has seen ech0raix ransomware demands ranging from.024 to.06 bitcoins during these recent attacks.
QNAP earlier this year alerted its users of another flurry of eCh0raix attacks earlier this year, targeting devices with weak passwords.
News URL
Related news
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- BlackLock ransomware claims nearly 50 attacks in two months (source)