Security News > 2022 > January > QNAP warns of ransomware targeting Internet-exposed NAS devices
QNAP has warned customers today to secure Internet-exposed network-attached storage devices immediately from ongoing ransomware and brute-force attacks.
"QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices," the Taiwanese NAS maker said in a press release issued today.
The company warned users to check if their NAS is accessible over the internet by opening the Security Counselor, a built-in security portal for QNAP NAS devices.
"Your NAS is exposed to the Internet and at high risk if there shows 'The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP' on the dashboard."
While the company did not share any other details on these active attacks, BleepingComputer reported on QNAP customers saying their systems were targeted with eCh0raix ransomware.
QNAP devices were previously targeted by threat actors using eCh0raix ransomware in June 2019 and June 2020, with the NAS maker also alerting users of another series of another surge of eCh0raix attacks targeting devices with weak passwords in May 2021.