QNAP, a manufacturer of network-attached storage (NAS) devices, published a fresh notice on Tuesday, notifying consumers regarding cryptocurrency mining malware hitting their equipment and asking them to adopt appropriate measures. QNAP stated in a notice,
“Bitcoin miners are attacking QNAP NAS.” CPU consumption will be unreasonably excessive if the NAS is compromised. According to a Taiwanese corporation, it can responsible for nearly 50% of total CPU consumption.”
QNAP claims it’s looking into the issue right now, however it won’t say much about the first entry vector that put NAS devices at risk. By rebooting the device, customers who have been infected can get rid of the infection. As the immediate remedy, the business encourages people to update their QTS (and QuTS Hero) OSs to the most recent version, set unique passwords for admin and other user profiles, and stay NAS devices off the Web.
Over the past few years, QNAP NAS devices have been a common major focus for various malicious actors. In July 2020, the US and UK cybersecurity organizations announced joint breaking news regarding the possibility of data-stealing malware known as QSnatch attacking NAS devices (or Derek).
Device manufacturers issued a notification in December 2020 about two major cross-site scripting vulnerabilities (CVE-2020-2495 and CVE-2020-2496) that might assist a malicious actor to take control of a device.
Later, in March 2021, Qihoo 360’s Network Security Laboratory also acquired root capabilities by leveraging two security weaknesses in the firmware (CVE-2020-2506 and CVE-2020-2507). QNAP NAS devices have also been affected by the eCh0raix and Qlocker ransomware outbreaks in April 2021.