QNAP has today issued a statement in response to recent user reports and media coverage that two types of ransomware (Qlocker and eCh0raix) are targeting QNAP NAS and encrypting users’ data for ransom. QNAP strongly urges that all users immediately install the latest Malware Remover version and run a malware scan on QNAP NAS.
QNAP has released an updated version of Malware Remover for operating systems such as QTS and QuTS hero to address the ransomware attack. If user data is encrypted or being encrypted, the NAS must not be shut down. Users should run a malware scan with the latest Malware Remover version immediately, and then contact QNAP Technical explains QNAP. For more information jump over to the official QNAP newsroom by following the link below.
“The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. QNAP is urgently working on a solution to remove malware from infected devices.”
“For unaffected users , it’s recommended to immediately install the latest Malware Remover version and run a malware scan as a precautionary measure. All user should update their passwords to stronger ones, and the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version. Additionally, users are advised to modify the default network port 8080 for accessing the NAS operating interface. “
Follow the links below to make sure that you are covered and your systems are protected from the recent actions.
Source : QNAP Newsroom : SQL Injection Vulnerability : Improper Authorization Vulnerability