Security News

QNAP network-attached storage boxes are right now infected with the data-stealing QSnatch malware, the US and UK governments warned today. A joint statement from America's Cybersecurity and Infrastructure Security Agency and Britain's National Cyber Security Centre said the software nasty, first spotted in October, has hijacked tens of thousands as of mid-June, 2020, with "a particularly high number of infections in North America and Europe." It is estimated 7,600 hijacked QNAP boxes were in America, and 3,900 in the UK. The situation is particularly messy because Taiwan-based QNAP has not, to the best of our knowledge, disclosed exactly how the malware breaks into vulnerable boxes, advising simply that owners should ensure the latest firmware is installed to prevent future infection.

According to BlackBerry, the Tycoon attack can be difficult to detect, thanks to it being written in Java and deployed within its own Runtime Environment. Admins of Cisco Nexus and UCS gear should make sure their firmware is updated with the latest NX-OS fix from Switchzilla.

Three vulnerabilities identified in QNAP Photo Station last year could be chained to achieve pre-authentication remote code execution on affected QNAP network-attached storage devices. QNAP Photo Station is a photo album application that is present on the majority of QNAP NAS systems, allowing users to easily organize photos and videos on those devices, as well as to share them with others over the Internet.

Including Spanish camgirl sites spill info, domain registrars hacked Roundup Let's check out some of the more recent security happenings beyond what we've already covered.…

QNAP Systems says there is no known way to remove the Qsnatch malware infecting its NAS devices besides a full factory reset.

Attackers Demand Bitcoin Ransom After Encrypting DataA new ransomware strain called eCh0raix is targeting enterprise storage devices sold by QNAP Network by exploiting vulnerabilities in the gear...

Attackers Demand Bitcoin Ransom After Encrypting DataA new ransomware strain called eCh0raix is targeting enterprise storage devices sold by QNAP Network by exploiting vulnerabilities in the gear...

A recently observed ransomware family is targeting Linux-based file storage systems (NAS servers) made by QNAP, Intezer’s security researchers reveal.  read more

A new ransomware family has been found targeting Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' data hostage until a ransom is paid, researchers told...

Network-attached Storage (NAS) device maker QNAP has published a security advisory to alert of malware targeting its NAS devices.  read more