[WARNING] New Cryptominer wave targeting QNAP devices

Introduce yourself to us and other members here, or share your own product reviews, suggestions, and tips and tricks of using QNAP products.
Post Reply
User avatar
Posts: 22650
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

[WARNING] New Cryptominer wave targeting QNAP devices

Post by dolbyman » Tue Mar 09, 2021 10:38 pm

A new cryptominer infection that obfuscates cleverly is making the rounds

https://blog.netlab.360.com/qnap-nas-us ... ur-system/

Been there, done that
Posts: 942
Joined: Thu Aug 24, 2017 10:28 pm

Re: [WARNING] New Cryptominer wave targeting QNAP devices

Post by Mousetick » Tue Mar 09, 2021 11:05 pm

User avatar
Been there, done that
Posts: 655
Joined: Tue Dec 02, 2008 11:26 am
Location: Somewhere in the Great White North

Re: [WARNING] New Cryptominer wave targeting QNAP devices

Post by jaysona » Wed Mar 10, 2021 1:32 am

No surprise, this has been many, many months in the making and the signs have been there.

Typically these groups wait until the botnet reaches a certain size and then flips the switch and activates it.

I like this little tid-bit of info:
Disproportionately impacted are the 1.1 million QNAP NAS users within the United States (554,481) and China (550,465) – representing nearly 80 percent of total global infections, according to a recent mapping of QNAP devices visible online.
QNAP and Security appear to be polar opposites. :roll: :roll:
H/W: TS-219 Pro / TS-269 Pro / TS-253 Pro (8Gig) / TS-509 Pro x2 / TS-569 Pro
H/W: TS-670 Pro (i7-3770S 16Gig) x2 / TS-853 Pro (8Gig) / TVS-871 Pro (i7-4790S 16Gig)
O/S: Slackware 14.2 / MS Windows 7-64 (x5)
Router1: Asus RT-AC86U - Asuswrt-Merlin - 384.19
Router2: Asus RT-AC68U - DD-WRT v3.0-r39960M kongac
Router3: Linksys WRT1900AC - DD-WRT v3.0-r43028 std
Router4: Asus RT-AC66U - FreshTomato v2020.7
Misc: Popcorn Hour A-110/WN-100, Pinnacle Show Center 250HD, Roku SoundBridge Radio (all retired)

Post Reply

Return to “Users' Corner”