Warning: Vulnerability in QNAP NAS under attack, 62,000 infections

[German]Another short warning for users who have QNAP NAS drives in use. The Qnatch malware has already managed 62,000 infections of such drives. In the meantime, the British and US governments are warning of this danger.


Advertising

I already became aware of the issue a few days ago via the following tweet – but I haven't had time to prepare it yet.

Security expert Nicolas Krassas points out that the malware Qsnatch has already infected 62,000 QNAP NAS drives. The Register has published an article Data-stealing, password-harvesting, backdoor-opening QNAP NAS malware cruises along at 62,000 infections on this topic.  Meanwhile, the British and US governments have issued a joint statement with a warning of this danger.  

In an alert, the authorities write that CISA and NCSC are monitoring the QSnatch malware family. Attackers have been using the malware since the end of 2019 against NAS (Network Attached Storage) devices from QNAP in order to compromise them.

All QNAP NAS devices without the latest security fixes are potentially vulnerable to the QSnatch malware. This malware has infected thousands of devices worldwide with a particularly high number of infections in North America and Europe. In addition, once a device is infected, attackers can prevent administrators from successfully updating firmware. A downloadable PDF file contains some more information.


Advertising

But the whole topic is not new – in November 2019 I had reported in the blog post QSnatch Malware infects QNAP NAS drives that a malware called QSnatch targets network storage from QNAP. There you can also find hints what you should know about Qsnatch malware. The manufacturer QNAP offers firmware updates to protect against this malware. A security message from QNAP can be found here.


Advertising

This entry was posted in devices, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).