UK and US alert QNAP owners to upgrade firmware to block malware

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/uk-and-us-warn-qnap-owners-to-upgrade-firmware-to-block-malware/

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) today issued an alert about the risks of infection faced by QNAP NAS devices if QSnatch malware attacks restart.

Although the attack infrastructure used in previous QSnatch attacks (from early 2014 to mid-2017 and from late 2018 to late 2019) is currently not active, the two agencies urge all QNAP customers to update their NAS devices as soon as possible to block future campaigns.

"All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes," the two agencies explain (1, 2).

"Organizations that are still running a vulnerable version must run a full factory reset on the device prior to completing the firmware upgrade to ensure the device is not left vulnerable," the joint alert warns.

The two agencies have found roughly 62,000 infected devices worldwide in mid-June 2020, of which about 7,600 were found in the United States and 3,900 in the United Kingdom.

 

[Ink]

They were warned in November 2019, it's now July and you can see why Automatic Updates should be an open option for everyone. Especially if they are critical as this.

 

[CyberPanther]

Alert: Potential legacy risk from malware targeting QNAP NAS devices

 

[silversurfer]

QNAP urges users to update Malware Remover after QSnatch alert

QNAP urges its users to update the Malware Remover app and bolster their NAS devices' security following a QSnatch malware joint alert published earlier this week by UK's NCSC and the US CISA government cybersecurity agencies.

www.bleepingcomputer.com