The networking and storage solutions provider says it has received reports from users who had their devices infected with the malware, and, after analyzing the attacks, discovered that the use of weak passwords on Internet-connected devices was the root cause of infection. Installing Bitcoins on the infected NAS devices without any consent
Las year the company issued a warning to users of attack. At the time, the company also encouraged users to report all identified infections, and to ensure that they are running the latest versions of the NAS firmware and Malware Remover.
This week, the company also urged users to update the QTS operating system to the latest version, install Security Counselor and execute it with Intermediate Security Policy (or above), install a firewall, and enable Network Access Protection, so that accounts are protected from brute force attacks. Use strong passwords with disabling all unwanted ports
QNAP also tells users they should avoid using default port numbers (such as 80, 443, 8080, and 8081), and encourages them to enhance the security of their NAS devices by following best practices .