AgeLocker Ransomware Is Actively Targeting NAS Owners, QNAP Warns
QNAP is warning customers of a ransomware campaign that targets Network Attached Storage (NAS) users with older versions of QTS, a Linux-based operating system deployed by the company with its products.
AgeLocker is ransomware that directly targets QNAP customers by infecting their NAS hardware. Following an investigation, the company determined that the latest version of QTS has no known vulnerabilities that would let attackers deploy the malware with ease.
The most likely scenario is that some people continue to use older, unpatched QTS versions, giving threat actors a way in. Because the company is still trying to determine the exact route the infection takes, it can only recommend users upgrade their systems as soon as possible and follow best practices.
“Since unpatched devices are prone to information security threats, QNAP urges all users to update their device OS and apps to the latest version available,” said QNAP in a blog post. “Users should also follow good information security practices such as using strong passwords and installing the Malware Remover app on their NAS. These will make the device harder to be breached, thus enhancing data security.”
User reports indicate AgeLocker only targets QNAP NAS, Linux and macOS devices. The developers found evidence that many earlier versions of Photo Station are also susceptible to attack.
Two months ago, another malware, named QSnatch, affected QNAP systems, allowing attackers to steal credentials via a CGI password logger, scrape credentials, and provide attackers with a SSH backdoor and more. The company has a similar problem as then, when they couldn’t determine the infection vector.
QNAP asked customers to keep Malware Remover at the latest version, upgrade the operating system, and change all credentials.
Ultimate Privacy Guide for Your Facebook Account
August 31, 2021
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices
August 27, 2021
Your Netflix Account May Be on Sale on Darkweb. Protect It
August 13, 2021
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021