HomeUpdateAnother Bitcoin-mining ransomware has been discovered affecting QNAP NAS devices

Another Bitcoin-mining ransomware has been discovered affecting QNAP NAS devices


We independently research, test, review, and recommend the best products—learn more about our process. If you buy something through our links, we may earn a commission. learn more

Last Updated on 08/12/2021 by Riya

QNAP, a manufacturer of network-attached storage (NAS) devices, published a fresh notice on Tuesday, notifying consumers regarding cryptocurrency mining malware hitting their equipment and asking them to adopt appropriate measures. QNAP stated in a notice,

“Bitcoin miners are attacking QNAP NAS.” CPU consumption will be unreasonably excessive if the NAS is compromised. According to a Taiwanese corporation, it can responsible for nearly 50% of total CPU consumption.”

QNAP claims it’s looking into the issue right now, however it won’t say much about the first entry vector that put NAS devices at risk. By rebooting the device, customers who have been infected can get rid of the infection. As the immediate remedy, the business encourages people to update their QTS (and QuTS Hero) OSs to the most recent version, set unique passwords for admin and other user profiles, and stay NAS devices off the Web.

Over the past few years, QNAP NAS devices have been a common major focus for various malicious actors. In July 2020, the US and UK cybersecurity organizations announced joint breaking news regarding the possibility of data-stealing malware known as QSnatch attacking NAS devices (or Derek).

Device manufacturers issued a notification in December 2020 about two major cross-site scripting vulnerabilities (CVE-2020-2495 and CVE-2020-2496) that might assist a malicious actor to take control of a device.

Later, in March 2021, Qihoo 360’s Network Security Laboratory also acquired root capabilities by leveraging two security weaknesses in the firmware (CVE-2020-2506 and CVE-2020-2507). QNAP NAS devices have also been affected by the eCh0raix and Qlocker ransomware outbreaks in April 2021.

Riya is a technology enthusiast and an avid researcher. She writes about consumer tech, hacking, and technology consumer issues at TheDigitalHacker.
- Advertisment -

Must Read

Data Science Drives Personalized Marketing and Customer Engagement to New Heights...

Personalized marketing and customer engagement are crucial for businesses to thrive in the current digital era. Because data science makes it possible for marketers...