Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

QNAP Qlocker ransomware attack!

Options

Comments

  • Options
    #2
    deandean
    Registered Users Posts: 2,224 ✭✭✭deandean


    My QNAP NAS got encrypted a couple of week ago!

    All QNAP could say to me, was: Unfortunately we are unable to recover the encryption keys for this ransomware which is most likely to be ech0raix ransomware, all you will be able to do is re-initalize the NAS and wipe the hard drives create a new storage pool / volume then restore from any backup that you may have, this is the only way to fully get rid of the ransomware.

    So everything on my NAS is gone.

    Looking it up online, this has happened to thousands of users.

    QNAP is getting roasted for their poor response / handling of the problem.

    I don't know whether to reinitialise my NAS, or chuck it in the bin. I just don't trust the QNAP product at this stage. Seems like there are still vulnerabilities.

    Here is one good video about it on Youtube:

    https://www.youtube.com/watch?v=S_4p68lDWfA




  • Options
    #3
    Wheety
    Registered Users Posts: 5,510 ✭✭✭Wheety


    Is there anything I can do to try and protect my QNAP NAS? How are they getting to it? I haven't opened any ports on mine so don't think it's directly accessible but it is a network folder on my computer.


    Edit: Didn't raelise initial thread is a few months old. At least it's a reminder for me to update the NAS and apps.

    Post edited by Wheety on


  • Options
    #4
    deandean
    Registered Users Posts: 2,224 ✭✭✭deandean


    Yea, that's as much as you can do. QNAP has a few statements on their website about what you should do - updating, passwords, etc.



  • Options
    #5
    ED E
    Registered Users Posts: 36,166 ✭✭✭✭ED E


    I haven't opened any ports on mine so don't think it's directly accessible but it is a network folder on my computer.

    You didnt have to. The QNap did it all by itself (UPnP is wonderful). Plugged in, out of the box, its dangerous. Updated its still dangerous. Disable every service it runs it might be only moderately dangerous.


    Remember the QNAP could have been used as a beachhead against your LAN too.


    The way to protect yourself is to run Unraid/similar and keep it patched. If you want to use the QNAP you need to turn kill UPnP on your router at a bare minimum.



  • Options
    #6
    Flinty997
    Registered Users Posts: 11,627 ✭✭✭✭Flinty997


    Always have a few air gapped read only archives and test them now and then.

    This is only going to get more common.



  • Advertisement
Advertisement