QNAP’s unpatched Network Attached Storage (NAS) devices are the latest targetable devices persistent seizures, which aim to acquire them for use as cryptocurrency miners. The malware, discovered by Qihoo̵
“We found that the attacker modified the program by hiding the mining process and the real information about CPU memory resource usage, so when the QNAP users check the system usage through the WEB management interface, they cannot see the abnormal system behavior”, said the researchers at 360 Netlab. in a report.
360 Netlab called the malware UnityMiner, and informed QNAP about the ongoing crypto mining campaign a day after finding it. They noted that all QNAP NAS devices with firmware released before August 2020 are vulnerable, which they say is nearly 4.3 million NAS devices.
“To ensure the security of their QNAP NAS, users are urged to install their applicable update (s) as soon as possible. In addition to these software updates and published security advisories, QNAP has also sent individual notification emails to known Surveillance Station users to minimize the impact caused by the issue, ”said QNAP.
The company’s NAS devices have been under attack for months now, with warnings of infections dating back to August 2019 related to QSnatch malware, Muhstik Ransomware infections, the eChOraix Ransomware campaign and AgeLocker Ransomware attacks.
If you own a QNAP NAS, you should take the necessary steps to secure it. Change your passwords for all accounts on it, update device firmware and applications, remove unknown users and applications from it, install QNAP’s MalwareRemover app from the AppCenter, and set up an access control list.
through Bleep computer