1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Sorry QNAP customers, you're under attack again

    From TechnologyDaily@1337:1/100 to All on Mon Jun 20 18:30:04 2022
    Sorry QNAP customers, you're under attack again

    Date:
    Mon, 20 Jun 2022 17:11:11 +0000

    Description:
    ech0raix is at it again, targeting vulnerable QNAP NAS devices for almost a month now.

    FULL STORY ======================================================================

    Another day, another cyberattack against QNAPs network-attached storage ( NAS ) devices. This time, QNAP users are being targeted by ech0raix, a known ransomware operator thats been targeting vulnerable QNAP devices for years now.

    Users first started recording being hit with ransomware on June 8, and since then, the number of ID Ransomware submissions has been quickly piling up. So far, a few dozen samples have been submitted, but the actual number of successful attacks is probably a lot higher since some victims wont be using the ID Ransomware service to detect the strain that attacked them, the publication states.

    QNAP is so far being silent on the matter, so its hard to know exactly how the attack was mounted, and whether or not any malware was used.

    Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. Defending the premises

    In order to defend the vulnerable endpoints from the attack, users can turn
    to the advice the company provided during one of the earlier attacks, which includes creating a stronger password for admin accounts, enabling IP Access Protection to defend against brute-force attacks, and avoiding default port numbers (443, 8080).

    An in-depth guide on how to set all those things up can be found in QNAPs security advisory, here . Read more

    QNAP NAS devices hit with surge of ransomware attacks


    QNAP fixes even more serious security flaws on its NAS devices


    QNAP NAS owners told to patch immediately, again

    The company has also warned users to disable Universal Plug and Play (UPnP) port forwarding on their routers, in order not to expose their devices to the internet. Furthermore, disabling SSH and Telnet connections, and toggling IP and account access protection on, should help, as well.

    ech0raix is a known ransomware strain thats been targeting vulnerable QNAP devices since at least 2019. The media were reporting of multiple large-scale attacks, that started with a brute-force entry into internet-exposed NAS devices.

    Since then, attacks against QNAP endpoints were observed twice in 2020, once in 2021, and once in early 2022.

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/sorry-qnap-customers-youre-under-attack-again/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)