Security Advisory for XMR Mining Program
Release date: May 4, 2017
Last updated: May 4, 2017
Bulletin ID: NAS-201705-04
Severity rating: Critical
Summary
Internal research and third-party reports show that several QNAP NAS devices running QTS have been injected with XMR mining programs, specifically from mineXMR.com. Such programs cause CPU usage to increase and are typically undetected unless the lag in device performance is significant.
As of publication time, QNAP is investigating the root cause of the vulnerability and is working on a fix. In the meantime, users are advised to install the updated Malware Remover application that can detect and delete known XMR mining programs used in this particular attack.
Solution
Installing Malware Remover 2.1.1
Log on as administrator on your QNAP NAS.
Open the App Center and click the Search icon.
Type “Malware Remover” and then press ENTER.
The Malware Remover application appears in the search results list.
Click Install.
Malware Remover scans the NAS and deletes any XMR mining programs.
Once installed, Malware Remover performs daily scans at 3:00 AM (system time) or after the NAS is powered on.
Checking the Logs
To check whether Malware Remover has detected and deleted XMR mining programs, go to Control Panel > System > System Logs > System Event Logs.
Important: Running Malware Remover does not prevent possible program injections. QNAP recommends updating to the latest available version of Malware Remover to ensure continued protection against new mining program variants.
https://www.qnap.com/en/support/con_show.php?cid=116
Security Advisory for XMR Mining Program
Welcome note and must-know for QNAP Forum members.
-
- New here
- Posts: 5
- Joined: Mon Aug 29, 2016 1:20 pm
Jump to
- QNAP General
- ↳ Announcements
- ↳ Features Wanted
- ↳ Users' Corner
- ↳ Official Apps
- ↳ Prestashop
- ↳ Webalizer
- ↳ Virtualization Station
- ↳ Notes Station
- ↳ SocialLink Station
- ↳ McAfee Antivirus
- ↳ IT Management Station
- ↳ Container Station
- ↳ Qsirch & Qfiling
- ↳ Community Apps
- ↳ Apps Wanted
- ↳ Partner Apps
- ↳ BitTorrent Sync
- ↳ EZPhone
- ↳ Plex Media Server
- ↳ Ragic
- ↳ Tonido
- Getting Started
- ↳ Frequently Asked Questions
- ↳ Presales
- ↳ Turbo Station Installation & Setup
- General
- ↳ Hardware & Software Compatibility
- ↳ HDD Spin Down (HDD Standby)
- ↳ Seagate Drive Discussion
- ↳ Western Digital Drive Discussion
- ↳ File Sharing
- ↳ Mac OS
- ↳ Linux & Unix (NFS)
- ↳ Windows
- ↳ Backup & Restore
- ↳ Symform
- ↳ Microsoft Azure
- ↳ OpenStack Swift
- ↳ Amazon Glacier
- ↳ Amazon S3
- ↳ WebDAV-based Backup
- ↳ Google Cloud Storage
- ↳ Object Storage Server
- ↳ ElephantDrive
- ↳ Xopero
- ↳ System & Disk Volume Management
- ↳ Web Server & Applications (Apache + PHP + MySQL / SQLite)
- ↳ Download Station and QGet
- ↳ myQNAPcloud service
- ↳ Surveillance Solution
- ↳ Miscellaneous
- ↳ QIoT
- ↳ QuAI
- ↳ QVR Face
- Business
- ↳ Windows Domain & Active Directory
- ↳ iSCSI – Target & Virtual Disk
- ↳ Remote Replication/ Disaster Recovery
- ↳ Server Virtualization & Clustering
- ↳ NAS Management
- ↳ QES Operating System (QNAP Enterprise Storage OS)
- Multimedia
- ↳ Photo Station, Music Station, Video Station
- ↳ Media Streaming
- ↳ Mobile Devices