QNAP raises alarm over serious vulnerability in NAS devices

QNAP NAS devices are a popular target among threat actors

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The QNAP Product Security Incident Response Team (PSIRT) has released updates for itsNetwork-Attached Storage (NAS) devices.

NAS devices by the Taiwanese vendor are a popular target for hackers and have been on the receiving end ofvarious cyber attackcampaigns lately. Threat actors are known to actively seek out vulnerabilities in order totarget QNAP devicesthat are accessible over the internet.

Last month, the company released updates to safeguard devices from being exploited tomine cryptocurrency. The latest updates, however, come in response to reports of tworansomwarecampaigns, Qlocker and eCh0raix, that are on the prowl for vulnerable QNAP devices.

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

Click here to start the survey in a new window«

In itsadvisory, QNAP suggests users update their Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps, to mitigate the ongoing ransomware threat.

Sanitize devices

Sanitize devices

QNAP also urges its users to fetch and run its latestmalware removaltool to ensure their devices are sanitized.

If you have been hit by the ransomware, the company suggests you don’t power down your NAS device, even if you catch the data being encrypted. Instead, you are advised to immediately run the malware scan and contact QNAP’s technical support.

To avoid being targeted, QNAP’s PSIRT suggests all users practice sensible password policies. In fact, that advice should be applicable to everyone, especially with there being no dearth ofpassword managersthat can help you set strong passwords.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Meanwhile, QNAP says it is urgently working on a solution to remove malware from infected devices.

ViaThe Register

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Anker Nebula Mars 3 review: A powerful and truly portable projector