"According to QNAP QSA-20-06 with the same Subject, the problem was resolved last year:"infotecmb wrote: ↑Fri Apr 30, 2021 12:04 am New Security Advisory from QNAP:Do they misprint the name "AgeLocker" instead "Qlocker"? According to QNAP QSA-20-06 with the same Subject, the problem was resolved last year:Code: Select all
AgeLocker Ransomware Release date: April 29, 2021 Security ID: QSA-21-15 Severity: High Affected products: All QNAP NAS Status: Investigating Revision History: V1.0 (April 29, 2021) - Published
Or we have multiple ransomware attacks against QNAP with unknown vectors at this moment?Code: Select all
AgeLocker Ransomware Release date: September 25, 2020 Security ID: QSA-20-06 Severity: High CVE identifier: N/A Affected products: QNAP NAS devices Status: Resolved Revision History: V1.0 (September 25, 2020) - Published
At least eCh0raix ransomware is active now. You would be surprised to find the topic https://www.bleepingcomputer.com/forums ... 20ech0raix
So, QNAP currently investigating "AgeLocker Ransomware" (previously was declared as resolved), but Qlocker and eCh0raix have no "Investigating" status, users just pay the ransom.
This was patched last year. We just found someone with this malware. But we also found that person had old firmware. So we are investigating to see if this was infected through the old attack vector that was patched in 2020 or if there is a new attack vector. We intend to update the security advisory when we know more.