Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on [email protected] for help. Thanks :)
Hello All, This is just a friendly reminder to read the Forum Charter where you wish to post before posting in it. :)

QNAP Qlocker ransomware attack!

Comments

  • Registered Users Posts: 2,193 ✭✭✭ deandean
    Registered User


    My QNAP NAS got encrypted a couple of week ago!

    All QNAP could say to me, was: Unfortunately we are unable to recover the encryption keys for this ransomware which is most likely to be ech0raix ransomware, all you will be able to do is re-initalize the NAS and wipe the hard drives create a new storage pool / volume then restore from any backup that you may have, this is the only way to fully get rid of the ransomware.

    So everything on my NAS is gone.

    Looking it up online, this has happened to thousands of users.

    QNAP is getting roasted for their poor response / handling of the problem.

    I don't know whether to reinitialise my NAS, or chuck it in the bin. I just don't trust the QNAP product at this stage. Seems like there are still vulnerabilities.

    Here is one good video about it on Youtube:




  • Registered Users Posts: 5,421 ✭✭✭ Wheety
    Registered User


    Is there anything I can do to try and protect my QNAP NAS? How are they getting to it? I haven't opened any ports on mine so don't think it's directly accessible but it is a network folder on my computer.


    Edit: Didn't raelise initial thread is a few months old. At least it's a reminder for me to update the NAS and apps.

    Post edited by Wheety on


  • Registered Users Posts: 2,193 ✭✭✭ deandean
    Registered User


    Yea, that's as much as you can do. QNAP has a few statements on their website about what you should do - updating, passwords, etc.



  • Registered Users Posts: 36,115 ✭✭✭✭ ED E
    Registered User


    I haven't opened any ports on mine so don't think it's directly accessible but it is a network folder on my computer.

    You didnt have to. The QNap did it all by itself (UPnP is wonderful). Plugged in, out of the box, its dangerous. Updated its still dangerous. Disable every service it runs it might be only moderately dangerous.


    Remember the QNAP could have been used as a beachhead against your LAN too.


    The way to protect yourself is to run Unraid/similar and keep it patched. If you want to use the QNAP you need to turn kill UPnP on your router at a bare minimum.



  • Registered Users Posts: 6,779 ✭✭✭ Flinty997
    Registered User


    Always have a few air gapped read only archives and test them now and then.

    This is only going to get more common.



  • Advertisement
Advertisement