QNAP: Get NAS Devices Off the Internet Now
2022-01-07 16:14

Get your internet-exposed, network-attached storage devices off the internet now, Taiwanese manufacturer QNAP warns: Ransomware and brute-force attacks are widely targeting all network devices.

"The most vulnerable victims will be those devices exposed to the Internet without any protection," QNAP said on Friday, urging all QNAP NAS users to follow security-setting instructions that the Taiwanese NAS maker included in its alert.

First off, to check whether your NAS is exposed to the internet, QNAP instructed device owners to open the device's Security Counselor: a built-in security portal that integrates anti-virus and anti-malware software.

"Your NAS is exposed to the Internet and at high risk if there shows 'The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP' on the dashboard." -QNAP

QNAP directed customers to this site to figure out which router ports are exposed to the internet.

QNAP didn't specify which ransomware gangs or strains are involved in the ongoing attacks, but QNAP device owners have suffered through more than their share over the past few years.

In August 2021, Palo Alto Networks Unit 42 researchers put out a report about a new variant of eCh0raix that was exploiting a critical bug, CVE-2021-28799 - an improper authorization vulnerability that gives attackers access to hard-coded credentials so as to plant a backdoor account - in the Hybrid Backup Sync software on QNAP's NAS devices.


News URL

https://threatpost.com/qnap-nas-devices-ransomware-attacks/177452/

Related Vulnerability

DATE: 2021-05-13
CVE: CVE-2021-28799
VULNERABILITY TITLE: Unspecified vulnerability in Qnap Hybrid Backup Sync
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync.
network, low complexity, qnap
RISK: critical, 9.8