
close
close
QNAP, a Taiwan-based network-attached storage (NAS) manufacturer, has issued an advisory about ransomware and brute-force attacks that affect all network-attached storage devices. The ransomware attacks began targeting the NAS device suite on January 6, and the company urges customers to secure their compromised devices as soon as possible.
“Open the Security Counselor on your QNAP NAS. Your NAS is exposed to the Internet and at high risk if there shows “The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP” on the dashboard,” QNAP explained in its security advisory.
advertisment
QNAP has recommended its users to follow the steps mentioned below to secure exposed NAS devices.
Qlocker also outlined several steps that should help users to prevent malware infections. Users should ensure that the passwords used for both admin and user accounts are strong, unique, and difficult to crack. Additionally, they should enable IP and account access protection to protect their devices from brute force attacks, disable SSH and Telnet connections, and avoid using default ports.
advertisment
The security advisory suggests that these ransomware attacks are targeting network storage devices. However, it seems to be a major outage as several Reddit users reported that QNAP NAS devices that were not connected to the internet also crashed. A Twitter user @Hardisk also noted that the problem is bigger than initially thought, and these QNAP NAS devices may be vulnerable to zero-day flaws. He claims that the malware removal tool provided by QNAP could not find any traces of the virus.
If you’re interested, you can learn more about NAS remote access and network security by heading over to the official website. Let us know in the comments below if your network-attached storage devices have been compromised due to the Qlocker ransomware attacks.
More from Rabia Noureen
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in Security
CISA Warns Federal Agencies to Mitigate Critical VMware Vulnerabilities by May 23
May 20, 2022 | Rabia Noureen
CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers
May 17, 2022 | Rabia Noureen
Microsoft's New Security Experts Service Protects Businesses Against Ransomware Attacks
May 9, 2022 | Rabia Noureen
Microsoft, Google, and Apple to Expand Passwordless Login Across All Major Platforms
May 5, 2022 | Rabia Noureen
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group