Currently, criminals are successfully blackmailing owners of Qnap NAS systems. Within five days they collected ransom money of around 230,000 euros. Anyone who owns such a network storage device should quickly bring the device up to date.
This is the sum of the IT news website Bleepingcomputer.com published in a post. Among other things, in collaboration with a security researcher, you analyzed several Bitcoin addresses used in the Qlocker campaign. According to them, more than 500 victims have already paid the ransom of 0.01 Bitcoin (about 450 euros).
The campaign is still in full swing and it can be assumed that the blackmailers will steal even more money.
If you have a NAS system from Qnap, you should ensure that the latest versions of the Media Streaming Add-on, Multimedia Console and Hybrid Backup Sync are installed. The software actually has “critical“The attackers identified security holes. Last week Qnap published a statement on the incidents.
When it comes to encryption, the criminals make it easy for themselves and lock victims’ data in password-protected archives with 7zip. They only want to give out the passwords after the ransom has been paid.
More safety tips
In a post, Qnap collected further information on how to protect network storage from attacks. In general, such a system is only connected to the Internet if there is no other way. If this is absolutely necessary, you should protect access with strong passwords.
Admins should regularly access the system settings and remove suspicious accounts if necessary. It goes without saying that you always keep the software up to date.