Security News

On Monday, QNAP put out two security advisories about OpenSSL remote-code execution and denial-of-service bugs, fixed last week, that affect its network-attached storage devices. Many popular open-source programming libraries that support it - including OpenSSL, LibreSSL and BoringSSL, "Have kept old-school product names for the sake of familiarity," Ducklin commented in a recent drilldown into the OpenSSL bugs.

Network-attached storage maker QNAP is investigating and working on security updates to address remote code execution and denial-of-service vulnerabilities patched by OpenSSL last week. The security flaws tracked as CVE-2021-3711 and CVE-2021-3712, impact QNAP NAS device running QTS, QuTS hero, QuTScloud, and HBS 3 Hybrid Backup Sync, according to advisories [1, 2] published earlier today.

Operators of the nearly-year-old eCh0raix ransomware strain that's been used to target QNAP and Synology network-attached storage devices in past, separate campaigns have, gotten more efficient. In a report published Tuesday, Palo Alto Network Unit 42 researchers said the new variant of eCh0raix exploits a critical bug, CVE-2021-28799 - an improper authorization vulnerability that gives attackers access to hard-coded credentials so as to plant a backdoor account - in the Hybrid Backup Sync software on QNAP's NAS devices.

A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage devices. The ransomware hit QNAP NAS devices in multiple waves, with two large-scale ones were reported in June 2019 and in June 2020.

Taiwan-based network-attached storage maker QNAP has addressed a critical security vulnerability enabling attackers to compromise vulnerable NAS devices' security. The improper access control vulnerability tracked as CVE-2021-28809 was found by Ta-Lun Yen of TXOne IoT/ICS Security Research Labs in HBS 3 Hybrid Backup Sync, QNAP's disaster recovery and data backup solution.

Taiwanese network-attached storage appliance manufacturer QNAP Systems has revealed that a vulnerability in its Hybrid Backup Sync software has been exploited in Qlocker ransomware attacks. Last month, the maker of NAS devices and professional network video recorder solutions warned of QNAP NAS devices being targeted by two ransomware families known as Qlocker and eCh0raix, advising users to download and install its Malware Remover tool to identify infections.

QNAP is advising customers to update the HBS 3 disaster recovery app to block Qlocker ransomware attacks targeting their Internet-exposed Network Attached Storage devices. "The ransomware known as Qlocker exploits CVE-2021-28799 to attack QNAP NAS running certain versions of HBS 3," the Taiwan-based NAS appliance maker said in a security advisory issued today.

The Qlocker ransomware gang has shut down their operation after earning $350,000 in a month by exploiting vulnerabilities in QNAP NAS devices. As a possible sign of their impending shutdown, the Qlocker Tor sites began displaying a message stating that "This site will be closed soon."

Network-attached storage appliance manufacturer QNAP Systems says it is investigating reports of malicious attacks targeting NAS devices. Known worldwide for its NAS and professional network video recorder solutions, the Taiwan-based company on Friday issued two advisories to warn of a new wave of attacks targeting its users, urging them to ensure that their NAS devices are not exposed to the Internet.

QNAP warns customers of an actively exploited Roon Server zero-day bug and eCh0raix ransomware attacks targeting their Network Attached Storage devices. "The eCh0raix ransomware has been reported to affect QNAP NAS devices," the company said.