Synology and QNAP NAS ransomware
-
A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage (NAS) devices.
This ransomware strain (also known as QNAPCrypt) first surfaced in June 2016, after victims began reporting attacks in a BleepingComputer forum topic.
The ransomware hit QNAP NAS devices in multiple waves, with two large-scale ones were reported in June 2019 and in June 2020.
eCh0raix also encrypted devices made by Synology in 2019, with Anomali researchers finding that the attackers brute-forced administrator credentials using default credentials or dictionary attacks.
At the time, the NAS maker warned its customers to secure their data from an ongoing and large-scale ransomware campaign. However, it did not name the ransomware operation responsible for the attacks.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login