June 9, 2023

Taiwanese vendor QNAP has warned customers to secure NAS device exposed online from ransomware and brute-force attacks.

Customers can check whether their NAS is exposed online by using the Security Counselor, a built-in security portal for QNAP NAS devices.

If the NAS is exposed to the Internet the dashboard will display the message “The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP.”

Administrator of devices exposed to the Internet should:

  • Disable the Port Forwarding function of the router. Disable the port forwarding setting of NAS management service port (port 8080 and 433 by default) from the Virtual Server, NAT or Port Forwarding setting
  • Disable the UPnP function of the QNAP NAS from the QTS menu of myQNAPcloud. Disable the “Enable UPnP Port forwarding” under “Auto Router Configuration item.

The vendor also published a guide to securely access QNAP NAS via the Internet through myQNAPcloud Link.

Advertisements

In December last year, a new wave of ech0raix ransomware attacks targeted QNAP NAS devices. Users reported numerous compromises of their devices a few days before Christmas. ech0raix ransomware operators demand a ransom raising from .024 ($1,200) up to .06 bitcoins ($3,000).

Tags:

Leave a Reply

You may have missed

ACT Government Victim of Barracuda ESG Vulnerability

ACT Government Victim of Barracuda ESG Vulnerability

June 9, 2023
Anonymous Sudan Claims Responsible for Outlook Outages

Anonymous Sudan Claims Responsible for Outlook Outages

June 9, 2023
Visual Studio Bug Results in Takeover

Visual Studio Bug Results in Takeover

June 8, 2023
Cisco Fixes Secure Client Security Flaw

Cisco Fixes Secure Client Security Flaw

June 8, 2023
CISA Releases Guidelines on RMM

CISA Releases Guidelines on RMM

June 8, 2023
CrowdStrike Platform Enhancements

CrowdStrike Platform Enhancements

June 8, 2023
%d bloggers like this: