A hacker group going by the name of 'Cl0ud SecuritY' is breaking into old LenovoEMC (formerly Iomega) network-attached storage (NAS) devices, wiping files, and leaving ransom notes behind asking owners to pay between $200 and $275 to get their data back.
Attacks have been happening for at least a month, according to entries on BitcoinAbuse, a web portal where users can report Bitcoin addresses abused in ransomware, extortions, cybercrime, and other online scams.
Attacks appear to have targeted only LenovoEMC/Iomega NAS devices that are exposing their management interface on the internet without a password.
ZDNet was able to identify around 1,000 such devices using a Shodan search.
