Security News > 2022 > July > Checkmate ransomware hits QNAP NAS devices

QNAP Systems is warning about Checkmate, a new piece of ransomware targeting users of its network-attached storage appliances.

"Preliminary investigation indicates that Checkmate attacks via SMB services exposed to the internet, and employs a dictionary attack to break accounts with weak passwords," the company says.

This particular ransomware has been documented in late May 2022, but it seems that it hasn't succeeded in spreading widely, since QNAP is only now addressing the issue.

QNAP NAS owners that have not been hit by the Checkmate ransomware are advised not to expose SMB service to the internet, to reduce NAS service exposure to the internet, to disable SMB1, and update their QNAP operating system to the latest version.

NAS devices - whether manufactured by QNAP or other companies like Synology, Western Digital, Zyxel and others - are regularly targeted with ransomware and bitcoin miners.

A few weeks ago QNAP warned users about new DeadBolt and ech0raix ransomware campaigns.

News URL

https://www.helpnetsecurity.com/2022/07/08/checkmate-ransomware-qnap-nas/