Network-connected storage (NAS) equipment maker QNAP on Tuesday unveiled a new advisory warning of a cryptocurrency mining malware targeting its devices, urging shoppers to acquire preventive actions with speedy influence.
“A bitcoin miner has been claimed to target QNAP NAS. When a NAS is infected, CPU utilization will become unusually higher in which a process named ‘[oom_reaper]’ could occupy close to 50% of the total CPU use,” the Taiwanese enterprise stated in an notify. “This process mimics a kernel method but its [process identifier] is commonly better than 1000.”
QNAP said it is really now investigating the infections, but did not share more information and facts on the first obtain vector that’s being utilised to compromise the NAS units. Influenced customers can clear away the malware by restarting the appliances.
In the interim, the business is recommending that users update their QTS (and QuTS Hero) running methods to the most recent variation, implement robust passwords for administrator and other consumer accounts, and chorus from exposing the NAS units to the internet.
QNAP NAS gadgets have lengthy been a rewarding focus on for a quantity of destructive strategies in new years.
In July 2020, cybersecurity organizations in the U.S. and U.K. issued a joint bulletin about a risk that infected the NAS devices with a information-stealing malware dubbed QSnatch (or Derek). In December 2020, the device maker warned of two high-severity cross-web page scripting flaws (CVE-2020-2495 and CVE-2020-2496) that enabled distant adversaries to choose above the products.
Then in March 2021, Qihoo 360’s Network Security Investigation Lab disclosed a cryptocurrency marketing campaign that exploited two security flaws in the firmware โ CVE-2020-2506 and CVE-2020-2507 โ to attain root privileges and deploy a miner termed UnityMiner on compromised gadgets. And as of April this calendar year, QNAP NAS equipment have also been the concentrate on of eCh0raix and Qlocker ransomware attacks.
Uncovered this posting interesting? Adhere to THN on Fb, Twitter ๏ and LinkedIn to browse more distinctive content we publish.
Some parts of this article are sourced from:
thehackernews.com