Security News

There are approximately 62,000 malware-infested QNAP NAS devices located across the globe spilling all the secrets they contain to unknown cyber actors, the US CISA and the UK NCSC have warned. Dubbed QSnatch, the sophisticated malware targets QTS, the Linux-based OS powering QNAP's NAS devices, and is able to log passwords, scrape credentials, set up an SSH backdoor and a webshell, exfiltrate files and, most importantly, assure its persistence by preventing users from installing updates that may remove it and by preventing the QNAP Malware Remover app from running.

Called QSnatch, the data-stealing malware is said to have compromised 62,000 devices since reports emerged last October, with a high degree of infection in Western Europe and North America. "All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes," the US Cybersecurity and Infrastructure Security Agency and the UK's National Cyber Security Centre said in the alert.

Called QSnatch, the data-stealing malware is said to have compromised 62,000 devices since reports emerged last October, with a high degree of infection in Western Europe and North America. "All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes," the US Cybersecurity and Infrastructure Security Agency and the UK's National Cyber Security Centre said in the alert.

QNAP network-attached storage boxes are right now infected with the data-stealing QSnatch malware, the US and UK governments warned today. A joint statement from America's Cybersecurity and Infrastructure Security Agency and Britain's National Cyber Security Centre said the software nasty, first spotted in October, has hijacked tens of thousands as of mid-June, 2020, with "a particularly high number of infections in North America and Europe." It is estimated 7,600 hijacked QNAP boxes were in America, and 3,900 in the UK. The situation is particularly messy because Taiwan-based QNAP has not, to the best of our knowledge, disclosed exactly how the malware breaks into vulnerable boxes, advising simply that owners should ensure the latest firmware is installed to prevent future infection.

QNAP network-attached storage boxes are right now infected with the data-stealing QSnatch malware, the US and UK governments warned today. A joint statement from America's Cybersecurity and Infrastructure Security Agency and Britain's National Cyber Security Centre said the software nasty, first spotted in October, has hijacked tens of thousands as of mid-June, 2020, with "a particularly high number of infections in North America and Europe." It is estimated 7,600 hijacked QNAP boxes were in America, and 3,900 in the UK. The situation is particularly messy because Taiwan-based QNAP has not, to the best of our knowledge, disclosed exactly how the malware breaks into vulnerable boxes, advising simply that owners should ensure the latest firmware is installed to prevent future infection.

According to BlackBerry, the Tycoon attack can be difficult to detect, thanks to it being written in Java and deployed within its own Runtime Environment. Admins of Cisco Nexus and UCS gear should make sure their firmware is updated with the latest NX-OS fix from Switchzilla.

Three vulnerabilities identified in QNAP Photo Station last year could be chained to achieve pre-authentication remote code execution on affected QNAP network-attached storage devices. QNAP Photo Station is a photo album application that is present on the majority of QNAP NAS systems, allowing users to easily organize photos and videos on those devices, as well as to share them with others over the Internet.

Including Spanish camgirl sites spill info, domain registrars hacked Roundup Let's check out some of the more recent security happenings beyond what we've already covered.…

QNAP Systems says there is no known way to remove the Qsnatch malware infecting its NAS devices besides a full factory reset.

Attackers Demand Bitcoin Ransom After Encrypting DataA new ransomware strain called eCh0raix is targeting enterprise storage devices sold by QNAP Network by exploiting vulnerabilities in the gear...