2 min read

Is Your QNAP NAS Secretly Mining Crypto?

Radu CRAHMALIUC

December 09, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Is Your QNAP NAS Secretly Mining Crypto?

Network-attached storage (NAS) maker QNAP released a statement earlier this week warning clients of a bitcoin mining malware potentially targeting their devices. “Once a NAS is infected, CPU usage becomes unusually high where a process named ‘[oom_reaper]’ could occupy around 50% of the total CPU usage," the company said in its statement.

How to detect and fix the problem

Crypto miners and, more recently, cryptojackers, are a form of malware that infect a host device, such as a personal computer, server, NAS or mobile phone, and hijack the system resources to mine cryptocurrencies for a malicious actor. Because their prime objective is to mine and not damage the device, crypto miners can be hard to detect. They usually give away clues, though, such as unusual high CPU usage, slow system speed or quick battery drainage.

To fix the recent threat, QNAP customers are advised to reboot their device, which should flush away the malware. Additionally, users should make sure their NAS operating system is updated to the latest version, check that Malware Remover is updated, use a strong password for the device and, if possible, refrain from exposing their NAS to the internet, or at least avoid using default system port numbers 443 and 8080.

This isn’t the first time the Taiwanese maker is faced with malware problems. In December 2020, QNAP fixed four high-severity vulnerabilities allowing remote attackers to inject malicious code in various components. A few months earlier, they had to fix a critical vulnerability related to Zerologon, which Iranian hackers are known to use. In September 2020, attackers hit NAS devices from QNAP with AgeLocker ransomware, prompting the developers to issue a new set of firmware updates. And in July 2020, CISA and NCSC issued a joint advisory regarding a malware string under the name of QSnatch.

Don’t bypass security when setting up your NAS

Because they can play many roles, like personal cloud, storage unit, backup solution or media library server, NASs have become very popular in the last few years, even among people who aren’t really into gadgets and devices. But that has also turned them into easy targets for cybercriminals. In fact, according to a recent Bitdefender IoT security study, NASs are the most vulnerable household smart devices and have been targeted recently by various types of attacks, like brute-forcing, DDoS attacks, ransomware and crypto-mining malware.

To protect your NAS, make sure that:

  • You use a strong password to log in, as a weak password can be brute-forced instantly
  • You don’t use the default admin profile, as hackers are constantly scanning for default login credentials to exploit
  • Your firmware and apps are all updated to the latest version, because manufacturers regularly issue security updates to fix vulnerabilities
  • Your ports and connections are secured
  • Your home router is secured and updated to the latest firmware version
  • You connect to the internet through a VPN, which hides your IP and encrypts your connection

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Spam Trends of the Week: Apple Subscriptions, HMRC Phishing and Extortion Campaigns Seek Your Personal Data and Money Spam Trends of the Week: Apple Subscriptions, HMRC Phishing and Extortion Campaigns Seek Your Personal Data and Money
Alina BÎZGĂ

January 27, 2022

4 min read
Scam Alert: Tens of thousands of users targeted in pyramid scheme spam campaign Scam Alert: Tens of thousands of users targeted in pyramid scheme spam campaign
Alina BÎZGĂ

January 13, 2022

3 min read
Is Your QNAP NAS Secretly Mining Crypto? Is Your QNAP NAS Secretly Mining Crypto?
Radu CRAHMALIUC

December 09, 2021

2 min read