Security News
QNAP NAS devices under ransomware attackQNAP NAS device owners are once again under attack by ransomware operators, who are exploiting a recently fixed vulnerability to lock data on vulnerable devices by using the 7-Zip open-source file archiver utility. Q1 2021 ransomware trends: Most attacks involved threat to leak stolen dataThe vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cyber criminal.
QNAP customers are once again urged to secure their Network Attached Storage devices to defend against Agelocker ransomware attacks targeting their data. In a security advisory published earlier today, the company says that its security team has discovered AgeLocker ransomware samples in the wild, with "The potential to affect QNAP NAS devices."
QNAP customers are once again urged to secure their Network Attached Storage devices to defend against Agelocker ransomware attacks targeting their data. In a security advisory published earlier today, the company says that its security team has discovered AgeLocker ransomware samples in the wild, with "The potential to affect QNAP NAS devices."
QNAP NAS device owners are once again under attack by ransomware operators, who are exploiting a recently fixed vulnerability to lock data on vulnerable devices by using the 7-Zip open-source file archiver utility. CVE-2020-36195, an SQL injection vulnerability affecting QNAP NAS running Multimedia Console or the Media Streaming add-on.
Following a wave of ransomware attacks, network-attached storage appliance manufacturer QNAP Systems says it is urgently working on finding a solution to remove malware from infected NAS devices. The Taiwanese company, which makes both NAS and professional network video recorder solutions, has long been urging users to improve the security of their devices.
A new ransomware strain called "Qlocker" is targeting QNAP network attached storage devices as part of an ongoing campaign and encrypting files in password-protected 7zip archives. In response to the ongoing attacks, the Taiwanese company has released an advisory prompting users to apply updates to QNAP NAS running Multimedia Console, Media Streaming Add-on, and HBS 3 Hybrid Backup Sync to secure the devices from any attacks.
QNAP has urged its customers to install and run its latest firmware and malware removal tools on their NAS boxes amid a surge in ransomware infections. Two file-scrambling nasties, Qlocker and eCh0raix, are said to be tearing through vulnerable QNAP storage equipment, encrypting data and demanding ransoms to restore the information.
Update: QNAP confirmed that Qlocker ransomware has used the removed backdoor account to hack into some customers' NAS devices and encrypt their files. T]he so-called Qlocker ransomware took advantage of one of the patched vulnerabilities in HBS to launch a hostile campaign, targeting QNAP NAS directly connected to the Internet with unpatched old versions of HBS. QNAP has addressed a critical vulnerability allowing attackers to log into QNAP NAS devices using hardcoded credentials.
A massive ransomware campaign targeting QNAP devices worldwide is underway, and users are finding their files now stored in password-protected 7zip archives. The ransomware is called Qlocker and began targeting QNAP devices on April 19th, 2021.
An exploit is now publicly available for a remote code execution vulnerability affecting QNAP network-attached storage devices that run the Surveillance Station video management system. The bug, specifically a memory corruption issue, was found to impact QNAP NAS devices running Surveillance Station versions 5.1.5.4.2 and 5.1.5.3.2, and was addressed in February this year.