QNAP Systems to Remove Malware from Infected NAS Devices

Ransomware

Following a series of ransomware attacks, QNAP Systems, a manufacturer of network-attached storage (NAS) appliances, has confirmed that it is working urgently to find a solution to remove malware from compromised NAS computers.

The Taiwanese firm, which manufactures both NAS and professional network video recorder (NVR) solutions, has long urged users to beef up their devices’ security.

With ransomware families such as Qlocker and eCh0raix targeting QNAP NAS devices, the company is recommending users to download and instal the new Malware Remover version and search their devices for any signs of infection.

The NAS maker has modified the Malware Remover tool for platforms like QTS and QuTS hero “to counter the ransomware threat,” and advises users to keep their NAS devices up and running if their data has been encrypted.

And users who are not infected should run the new Malware Remover update as a precaution. QNAP also recommends that users “modify the default network port 8080 for accessing the NAS operating interface.”

The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync applications should all be updated to the latest versions, according to the company.

On Thursday, the HBS 3 Hybrid Backup Sync application was revised to correct a flaw in inappropriate authorization. The vulnerability, which has been assigned the number CVE-2021-28799 and is of critical severity, can be exploited by remote attackers to gain access to QNAP NAS computers.

CVE-2021-28799 and CVE-2020-36195, two vulnerabilities that were fixed last week, were used in the Qlocker attacks, according to Bleeping Computer.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.