QNAP has issued an advisory about a recent wave of ransomware attacks targeting its NAS storage devices and encrypting files.
Last week, BleepingComputer broke the story of ransomware known as AgeLocker attacking publicly exposed QNAP NAS devices.
The ransomware gets its name from its use of the encryption algorithm called Actually Good Encryption (AGE) when encrypting files.
At the time of our reporting, it was not known how the attackers were gaining access to QNAP devices, but a new security advisory by QNAP indicates that the attackers are targeting older vulnerable versions of Photo Station.
"QNAP Product Security Incident Response Team (PSIRT) has found evidence that the ransomware may attack earlier versions of Photo Station. We are thoroughly investigating the case and will release more information as soon as possible," QNAP stated in an advisory.
Photo Station is a built-in application that allows users to upload photos to their NAS device, create albums, and remotely view them.
QNAP had previously warned of another ransomware called eCh0raix that also targeted vulnerabilities in the app.
How to secure your QNAP device
To secure your NAS device, QNAP advises all owners to upgrade to the latest QTS version and update all installed applications, especially Photo Station.
To install the latest QTS update, you can perform the following steps:
- Log on to QTS as an administrator.
- Go to Control Panel > System > Firmware Update.
- Under Live Update, click Check for Update.
QTS downloads and installs the latest available update.
You can also manually update the QTS firmware by going to Support > Download Center and downloading the manual update for your specific device.
To update all the apps on your QNAP devices, please follow these steps:
- Log on to QTS as an administrator.
- Go to App Center.
- Select My Apps.
- Beside Install Updates, click All.
A confirmation message appears. - Click OK.
QTS updates all your installed applications to their latest versions.
In addition to QNAP's suggestions, it is also suggested that you do not expose the QTS Administration page or QTS applications to the Internet.
If an attacker cannot gain access to these pages, they will not be able to exploit any known vulnerabilities to gain access to your device.
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now