Security News > 2022 > June > QNAP NAS devices targeted by surge of eCh0raix ransomware attacks

This week, ech0raix ransomware has started targeting vulnerable QNAP Network Attached Storage devices again, according to user reports and sample submissions on the ID Ransomware platform.

Ech0raix had hit QNAP customers in multiple large-scale waves starting with the summer of 2019 when the attackers brute-forced their way into Internet-exposed NAS devices.

A new surge of ech0raix attacks has now been confirmed by a quickly increasing number of ID Ransomware submissions and users reporting being hit in the BleepingComputer forums [1, 2], with the earliest hit recorded on June 8.

Although only a few dozen ech0raix samples have been submitted, the actual number is successful attacks is most likely higher since only some of the victims will use the ID Ransomware service to identify the ransomware that encrypted their devices.

While this ransomware has also been used to encrypt Synology NAS systems since August 2021, victims have only confirmed strikes on QNAP NAS devices this time.

"According to the investigation by the QNAP Product Security Incident Response Team, the attack targeted NAS devices using QTS 4.3.6 and QTS 4.4.1, and the affected models were mainly TS-x51 series and TS-x53 series," the NAS maker said.

News URL

https://www.bleepingcomputer.com/news/security/qnap-nas-devices-targeted-by-surge-of-ech0raix-ransomware-attacks/