pavelh wrote: ↑Sun Mar 21, 2021 9:25 pm
Yes, my NAS was exposed to internet, as I used it also as a web photo gallery (Gallery 3.0.9).
Do not expose the QNAP to the web unless you are technically inclined and know what you are doing.
- QTS and its associated app are written very poorly, are not written secure and are a common vector for infecting a QNAP.
- The QNAP built-in Apache server and PHP versions are also old, which means there are many vulnerabilities to exploit.
Thank you syncthing - would you know how to do a real full factory reset that all data incl. the ransomware code gets removed?
The only way to ensure the NAS is completely malware fee is to perform the following:
1. Do a firmware recovery, this will ensure that no malware was copied to the DOM and gets installed upon NAS reboot.
https://wiki.qnap.com/wiki/Firmware_Recovery
2. Wipe the disk partitions.
3. You will probably need to install an older firmware first after the firmware recovery before installing the latest firmware.
Still, how comes that despite of QNAP Malware Remover is installed and active, 100s of tousands of data files got hacked?
It seems that QNAP is a lot less secure compared to an ordinary PC with antivirus - unbelievable ...!!!!
The QNAP Malware Remover is a pretty dumb program - probably in the area of late 1990's Anit-Virus utility in terms of sophistication. The QNAP Malware Remover can only remove malware which it has a fingerprint for and the malware files need to be in the specific directories that the QNAP Malware Remover expects them to be. Change a file name, location, etc and the QNAP Malware Remover skips right over the malware.
Despite what QNAP marketing tries to make people believe, it as a bad idea to expose the NAS to the Internet if you are not technically inclined.
RAID is not a Back-up!
H/W: QNAP TVS-871 (i7-4790. 16GB) (Plex server) / TVS-EC1080 (32Gig ECC) - VM host & seedbox
H/W: Asustor AS6604T (8GB) / Asustor AS7010T (16GB) (media storage)
H/W: TS-219 Pro / TS-509 Pro
O/S: Slackware 14.2 / MS Windows 7-64 (x5)
Router1: Asus RT-AC86U - Asuswrt-Merlin - 386.7_2
Router2: Asus RT-AC68U - Asuswrt-Merlin - 386.7_2
Router3: Linksys WRT1900AC - DD-WRT v3.0-r46816 std
Router4: Asus RT-AC66U - FreshTomato v2021.10.15
Misc: Popcorn Hour A-110/WN-100, Pinnacle Show Center 250HD, Roku SoundBridge Radio (all retired)
Ditched QNAP units: TS-269 Pro / TS-253 Pro (8GB) / TS-509 Pro / TS-569 Pro / TS-853 Pro (8GB)
TS-670 Pro x2 (i7-3770s 16GB) / TS-870 Pro (i7-3770 16GB) / TVS-871 (i7-4790s 16GB)