قالب وردپرس درنا توس
Home / Tips and Tricks / QNAP NAS devices can be hacked for crypto mining – Update yours now – Review Geek

QNAP NAS devices can be hacked for crypto mining – Update yours now – Review Geek



view from above for office workplace with laptop and qnap nas backup server on desk
monte_a / Shutterstock.com

QNAP’s unpatched Network Attached Storage (NAS) devices are the latest targetable devices persistent seizures, which aim to acquire them for use as cryptocurrency miners. The malware, discovered by Qihoo̵

7;s 360 Netlab, takes advantage of multiple pre-auth remote command execution vulnerabilities found in a QNAP Helpdesk app patch made in October 2020.

“We found that the attacker modified the program by hiding the mining process and the real information about CPU memory resource usage, so when the QNAP users check the system usage through the WEB management interface, they cannot see the abnormal system behavior”, said the researchers at 360 Netlab. in a report.

360 Netlab called the malware UnityMiner, and informed QNAP about the ongoing crypto mining campaign a day after finding it. They noted that all QNAP NAS devices with firmware released before August 2020 are vulnerable, which they say is nearly 4.3 million NAS devices.

“To ensure the security of their QNAP NAS, users are urged to install their applicable update (s) as soon as possible. In addition to these software updates and published security advisories, QNAP has also sent individual notification emails to known Surveillance Station users to minimize the impact caused by the issue, ”said QNAP.

The company’s NAS devices have been under attack for months now, with warnings of infections dating back to August 2019 related to QSnatch malware, Muhstik Ransomware infections, the eChOraix Ransomware campaign and AgeLocker Ransomware attacks.

If you own a QNAP NAS, you should take the necessary steps to secure it. Change your passwords for all accounts on it, update device firmware and applications, remove unknown users and applications from it, install QNAP’s MalwareRemover app from the AppCenter, and set up an access control list.

through Bleep computer




Source link