Security News

A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage devices. The ransomware hit QNAP NAS devices in multiple waves, with two large-scale ones were reported in June 2019 and in June 2020.

Taiwan-based NAS maker Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage devices in ongoing brute-force attacks that lead to ransomware infections. According to Synology's PSIRT, Synology NAS devices compromised in these attacks are later used in further attempts to breach more Linux systems.

Infortrend launched U.2 SSD solution for EonStor CS scale-out NAS. The new all-flash CS 4014U satisfies high performance-demanding requirements for high throughput and low latency workloads, such as media & entertainment, HPC, Big Data, etc. CS provides complete data protection and high availability to avoid data loss and system downtime caused by disk damage or system failures.

Taiwan-based network-attached storage maker QNAP has addressed a critical security vulnerability enabling attackers to compromise vulnerable NAS devices' security. The improper access control vulnerability tracked as CVE-2021-28809 was found by Ta-Lun Yen of TXOne IoT/ICS Security Research Labs in HBS 3 Hybrid Backup Sync, QNAP's disaster recovery and data backup solution.

"REvil ransomware authors have expanded their arsenal to include Linux ransomware, which allows them to target ESXi and NAS devices," Caspi wrote. In a nod to research by AdvIntel in early May 2021, which reported REvil's intent to port its Windows-based ransomware to Linux, Caspi confirmed the Linux variant was spotted in May "Affecting *nix systems and ESXi.".

Western Digital has alerted customers to a critical bug on its My Book Live storage drives, warning them to disconnect the devices from the internet to protect the units from being remotely wiped. In an advisory, the storage firm said My Book Live and My Book Live Duo devices were being "Compromised through exploitation of a remote command execution vulnerability" CVE-2018-18472.

Western Digital My Book Live NAS owners worldwide found that their devices have been mysteriously factory reset and all of their files deleted. The WD My Book Live app allows owners to access their files and manage their devices remotely, even if the NAS is behind a firewall or router.

Network-attached storage appliance manufacturer QNAP Systems says it is investigating reports of malicious attacks targeting NAS devices. Known worldwide for its NAS and professional network video recorder solutions, the Taiwan-based company on Friday issued two advisories to warn of a new wave of attacks targeting its users, urging them to ensure that their NAS devices are not exposed to the Internet.

QNAP NAS devices under ransomware attackQNAP NAS device owners are once again under attack by ransomware operators, who are exploiting a recently fixed vulnerability to lock data on vulnerable devices by using the 7-Zip open-source file archiver utility. Q1 2021 ransomware trends: Most attacks involved threat to leak stolen dataThe vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cyber criminal.

QNAP customers are once again urged to secure their Network Attached Storage devices to defend against Agelocker ransomware attacks targeting their data. In a security advisory published earlier today, the company says that its security team has discovered AgeLocker ransomware samples in the wild, with "The potential to affect QNAP NAS devices."