QNAP urges its users to update Malware remover app after QSnatch Data-Stealing scenario
A malware threat dubbed QSnatch is known to target NAS (Network-Attached Storage) devices manufactured by the Taiwan-based QNAP Systems, Inc. Malware researchers at Finland’s National Cyber Security Center (NCSC-FI) were the first to spot the activity of this new threat in the middle of October 2019.
According to the reports, QNAP wants its users to update the Malware Remover app and bolster their NAS devices’ security following that the QSnatch malware is targeting QNAP NAS and attempting to obtain access. The finding of the Qsnatch by the two agencies have urged organizations to ensure their devices have not been previously compromised, and if so, run a full factory reset on the device before performing the firmware upgrade.
“Certain media reports claiming that the affected device count has increased from 7,000 to 62,000 since October 2019 are inaccurate due to a misinterpretation of reports from different authorities,” QNAP
“All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes. Further, once a device has been infected, attackers can prevent administrators from successfully running firmware updates.” the two agencies said
QNAP has updated its Malware Remover application for the QTS operating system on November 1, 2019, to detect and remove the malware from QNAP NAS and has also released an updated security advisory on November 2, 2019, to address the issue. Subsequently, QNAP has taken multiple actions (summarized as follows) to assist our users in defending data security:
|Date||Event and reaction|
|October 25, 2019||Notifications from authorities of Finland and Germany|
|November 1, 2019||QNAP released the updated Malware Remover for detecting and removing QSnatch|
|November 2, 2019||QNAP published the updated security advisory for QSnatch|
|November 7, 2019||QNAP released a Press Release to inform the public|
|November 2019 to January 2020||QNAP updated the security advisory multiple times to keep the public informed|
|February 2020 to June 2020||QNAP emailed possibly affected users to recommend an immediate update|
|July 31, 2020||QNAP released another Press Release to reassure the public|
Below some of the actions recommended by the vendor:
- Update QTS and Malware Remover.
- Install and update Security Counselor.
- Change the admin password and use a strong one.
- Enable IP and account access protection to prevent brute force attacks.
- Disable SSH and Telnet connections if they are not necessary.
- Avoid using default ports (i.e. 443 and 8080).
“Users are urged to install the latest version of the Malware Remover app from the QTS App Center or by manual downloading from the QNAP website,” QNAP said today. “QNAP also recommends a series of actions for enhancing QNAP NAS security.”
For more news on tech and cybersecurity stay tuned on Android Rookies by subscribing to our newsletter from here.