Two Cybersecurity companies’ researches have discovered malware that is targeting Network Attached Storage (NAS) devices manufactured by Taiwan-based QNAP Systems. Experts from Intezer and Anomali have separately discovered this new malicious software that will eventually encrypt the data stored on these devices. This malicious software is looking for certain vulnerabilities that are currently known but poorly configured by IT departments. Upon completion of the encryption process, a message will be displayed: “All your data has been locked(crypted). How to unclock(decrypt) instruction located in this TOR website: http://sg3dwqfpnr4sl5hh.onion/order/[Bitcoin address] Use TOR browser for access .onion websites. https://duckduckgo.com/html?q=tor+browser+how+to Do NOT remove this file and NOT remove last line in this file!” What Can You Do?
- Install updates as as they become available by the manufacturer
- Set strong passwords
- disable or delete unused accounts
- Disable unused services