PSA Qnap ransomware attacks going on since 4/19/21

Trooper_ish · April 23, 2021, 8:25am

Patched now?

Qnap nas file locker ransomeware, patch now Security

I know there are a few out there on here, get your patches. It is a file scrambling ransomeware. Advice from Qnap Install the latest software updates for the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps on their QNAP NAS gear to close off vulnerabilities that can be exploited by ransomware to infect devices. Install the latest Malware Remover tool from QNAP, and run a malware scan. The manufacturer said it has “released an updated version of Malware Remover for operating systems such as QTS and QuTS hero to address the ransomware attack.” Change the network port of the web-based user interface away from the default of 8080, presumably to mitigate future attacks. We’ll assume for now that vulnerable devices are being found and attacked by miscreants scanning the internet for public-facing QNAP products – we’ve asked the manufacturer to comment on this. Make sure they use strong, unique passwords that can’t easily be brute-forced or guessed. If possible, follow the 3-2-1 rule on backups: have at least three good recent copies of your documents stored on at least two types of media, at least one of which is off-site. That means if your files are scrambled, you have a good chance of restoring them from a backup untouched by the malware, thus avoiding having to cough up the demand, if you make sure the software nasty can’t alter said backups. If user data is encrypted or being encrypted, the NAS must not be shut down. Users should run a malware scan with the latest Malware Remover version immediately, and then contact QNAP Technical Support at service.qnap.com.