
SoylentNews is people

posted by martyb on Thursday February 14 2019, @04:33PM
from the and-kiss-your-NAS-goodbye dept.

The Register reports on mysterious malware affecting QNAP's popular NAS appliances.

The company has acknowledged the issue and issued a security advisory with the currently available details.

If you have one or more QNAP NAS appliance(s), like yours truly, it's worth giving the advisory a run through and making sure you aren't affected.

QNAP is still analyzing the malware, and advises:

Recommendation
To avoid possible exploits, you must:

  • Manually update Malware Remover to the latest version.
  • Update QTS to the latest version.
  • Update all apps installed on your NAS.

In case you encounter problems or receive the following error message while updating Malware Remover, please wait for the solution:

[App Center] Failed to install MalwareRemover. Model does not support MalwareRemover.

Cold comfort. Known indicators of compromise include

around 700 entries were added to their machines' hosts file, all pointing to IP address 0.0.0.0. Those entries sinkholed all requests to common antivirus update servers.

If you only have one copy of your data, you don't have your data. Also, online backup is not offline backup.
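
A check for the hosts-file indicator described above, as an added example that is not from QNAP, The Register or the submission: it counts the distinct hostnames a hosts file maps to 0.0.0.0 and flags the file when that count reaches a threshold. The threshold of 50, the function names and the `.example` hostnames are assumptions made for this example, and the sample file is constructed.

```shell
#!/bin/sh
# Added example (not QNAP's tooling): detect the hosts-file indicator.

# List each distinct hostname that a hosts file maps to 0.0.0.0.
# Handles comments, blank lines, CRLF endings and several names per line.
sinkholed_hosts() {
    awk '
        { sub(/\r$/, ""); sub(/#.*/, "") }      # drop CR and trailing comments
        $1 == "0.0.0.0" {
            for (i = 2; i <= NF; i++) print tolower($i)
        }
    ' "$1" | sort -u
}

# Print the number of distinct sinkholed hostnames.
sinkholed_count() {
    sinkholed_hosts "$1" | awk 'END { print NR }'
}

# Exit status 0 when the count reaches the threshold
# (default 50 is an assumption; a stock hosts file has few or no such lines).
hosts_looks_tampered() {
    [ "$(sinkholed_count "$1")" -ge "${2:-50}" ]
}

# Constructed sample: a normal header plus N sinkhole lines (placeholder names).
write_sample_hosts() {
    {
        printf '127.0.0.1\tlocalhost\n'
        printf '# comment: 0.0.0.0 ignored.example\n'
        printf '0.0.0.0 Update.AV-Vendor.example update.av-vendor.example # dup\n'
        i=1
        while [ "$i" -le "$2" ]; do
            printf '0.0.0.0 sig%d.av-vendor.example\n' "$i"
            i=$((i + 1))
        done
    } > "$1"
}

sample=$(mktemp)
write_sample_hosts "$sample" 700
if hosts_looks_tampered "$sample"; then
    echo "SUSPICIOUS: $(sinkholed_count "$sample") names mapped to 0.0.0.0"
else
    echo "ok"
fi
rm -f "$sample"
```

To check a real device, call `hosts_looks_tampered` with the path of its hosts file in place of the constructed sample.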



Related Stories

New QNAPCrypt Ransomware Campaign Targets QNAP NAS Devices 4 comments

Beginning around June 1, a wave of eCh0raix/QNAPCrypt ransomware attacks has been observed targeting QNAP NAS devices. The vectors employed to compromise the devices are exploitation of known vulnerabilities and brute-force attacks on weak passwords.

QNAP already addressed the vulnerability issues in the following QTS versions:

  • QTS 4.4.2.1270 build 20200410 and later
  • QTS 4.4.1.1261 build 20200330 and later
  • QTS 4.3.6.1263 build 20200330 and later
  • QTS 4.3.4.1282 build 20200408 and later
  • QTS 4.3.3.1252 build 20200409 and later
  • QTS 4.2.6 build 20200421 and later

--- QNAP Advisory: Multiple Vulnerabilities in File Station. (June 5, 2020)

As would be expected, "QNAP strongly recommends updating your QTS to the latest available version for your NAS model."

The ransomware is attributed to the financially motivated Russian cybercrime group 'FullofDeep'. The attackers are demanding $500 in bitcoin to decrypt files, which are encrypted with AES CFB.

This discussion has been archived. No new comments can be posted.
  • (Score: 3, Interesting) by Freeman on Thursday February 14 2019, @05:49PM (1 child)

    by Freeman (732) on Thursday February 14 2019, @05:49PM (#801064) Journal

    While I don't pretend that my data storage habits are good / reasonable. I do have a couple of offline external drives that I update every now and again. That is the absolute bare minimum you need to do, if you want to back up your photos, etc. In reality, I can replace almost everything, if I need to. There are only a few types of things that are irreplaceable, personal photos / videos, original documents (Your homework from College, doesn't really count. Unless it's a start to an Essay you plan on making into a book someday or the like.), original coding (Again, significant things. Though, a vast collection of scripts / code snippets, could be construed as significant.), and perhaps a few other things I've missed. There is absolutely no reason not to have multiple backups of important original documents, code, etc. Generally, those things won't take up much room and storage has become cheap. Graphics, Photos, Video, Sound, etc. will take up a large amount of space quickly. It's best to plan ahead and in the event something catastrophic happens. It's even better to have an offsite cold storage copy, that you've tested this decade.

    --
    Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
    • (Score: 2) by RandomFactor on Thursday February 14 2019, @06:35PM

      by RandomFactor (3682) Subscriber Badge on Thursday February 14 2019, @06:35PM (#801086) Journal

      Better than I am. I haven't updated offline storage in ages.

      --
      В «Правде» нет известий, в «Известиях» нет правды
  • (Score: 4, Insightful) by bradley13 on Thursday February 14 2019, @09:25PM

    by bradley13 (3053) on Thursday February 14 2019, @09:25PM (#801216) Homepage Journal

    I hadn't seen this warning yet - so it's nice to have found it on SN. Installing the malware checker now. Don't expect any problems, but better safe than sorry...

    --
    Everyone is somebody else's weirdo.
  • (Score: 1) by jrbrtsn on Friday February 15 2019, @01:46PM

    by jrbrtsn (6338) Subscriber Badge on Friday February 15 2019, @01:46PM (#801524)

    Counting on somebody else to keep your data secure is a bad idea. NAS is nothing but a headless server OS.
