1 min read

AgeLocker Ransomware Is Actively Targeting NAS Owners, QNAP Warns

Silviu STAHIE

September 29, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
AgeLocker Ransomware Is Actively Targeting NAS Owners, QNAP Warns

QNAP is warning customers of a ransomware campaign that targets Network Attached Storage (NAS) users with older versions of QTS, a Linux-based operating system deployed by the company with its products.

AgeLocker is ransomware that directly targets QNAP customers by infecting their NAS hardware. Following an investigation, the company determined that the latest version of QTS has no known vulnerabilities that would let attackers deploy the malware with ease.

The most likely scenario is that some people continue to use older, unpatched QTS versions, giving threat actors a way in. Because the company is still trying to determine the exact route the infection takes, it can only recommend users upgrade their systems as soon as possible and follow best practices.

“Since unpatched devices are prone to information security threats, QNAP urges all users to update their device OS and apps to the latest version available,” said QNAP in a blog post. “Users should also follow good information security practices such as using strong passwords and installing the Malware Remover app on their NAS. These will make the device harder to be breached, thus enhancing data security.”

User reports indicate AgeLocker only targets QNAP NAS, Linux and macOS devices. The developers found evidence that many earlier versions of Photo Station are also susceptible to attack.

Two months ago, another malware, named QSnatch, affected QNAP systems, allowing attackers to steal credentials via a CGI password logger, scrape credentials, and provide attackers with a SSH backdoor and more. The company has a similar problem as then, when they couldn’t determine the infection vector.

QNAP asked customers to keep Malware Remover at the latest version, upgrade the operating system, and change all credentials.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chinese criminals scam kids desperate to play games for more than three hours a week Chinese criminals scam kids desperate to play games for more than three hours a week
Graham CLULEY

August 12, 2022

2 min read
Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach
Silviu STAHIE

August 09, 2022

1 min read
Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down
Silviu STAHIE

August 05, 2022

1 min read