A new cryptominer infection that obfuscates cleverly is making the rounds
https://blog.netlab.360.com/qnap-nas-us ... ur-system/
[WARNING] New Cryptominer wave targeting QNAP devices
- dolbyman
- Guru
- Posts: 35005
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
-
- Experience counts
- Posts: 1081
- Joined: Thu Aug 24, 2017 10:28 pm
Re: [WARNING] New Cryptominer wave targeting QNAP devices
Yep...
More links on the topic, with QNAP's advisory:
https://www.bleepingcomputer.com/news/s ... ocurrency/
https://www.qnap.com/en/security-news/2 ... s-security
More links on the topic, with QNAP's advisory:
https://www.bleepingcomputer.com/news/s ... ocurrency/
https://www.qnap.com/en/security-news/2 ... s-security
- jaysona
- Been there, done that
- Posts: 846
- Joined: Tue Dec 02, 2008 11:26 am
- Location: Somewhere in the Great White North
Re: [WARNING] New Cryptominer wave targeting QNAP devices
No surprise, this has been many, many months in the making and the signs have been there.
Typically these groups wait until the botnet reaches a certain size and then flips the switch and activates it.
I like this little tid-bit of info:
Typically these groups wait until the botnet reaches a certain size and then flips the switch and activates it.
I like this little tid-bit of info:
QNAP and Security appear to be polar opposites.Disproportionately impacted are the 1.1 million QNAP NAS users within the United States (554,481) and China (550,465) – representing nearly 80 percent of total global infections, according to a recent mapping of QNAP devices visible online.
RAID is not a Back-up!
H/W: QNAP TVS-871 (i7-4790. 16GB) (Plex server) / TVS-EC1080 (32Gig ECC) - VM host & seedbox
H/W: Asustor AS6604T (8GB) / Asustor AS7010T (16GB) (media storage)
H/W: TS-219 Pro / TS-509 Pro
O/S: Slackware 14.2 / MS Windows 7-64 (x5)
Router1: Asus RT-AC86U - Asuswrt-Merlin - 386.7_2
Router2: Asus RT-AC68U - Asuswrt-Merlin - 386.7_2
Router3: Linksys WRT1900AC - DD-WRT v3.0-r46816 std
Router4: Asus RT-AC66U - FreshTomato v2021.10.15
Misc: Popcorn Hour A-110/WN-100, Pinnacle Show Center 250HD, Roku SoundBridge Radio (all retired)
Ditched QNAP units: TS-269 Pro / TS-253 Pro (8GB) / TS-509 Pro / TS-569 Pro / TS-853 Pro (8GB)
TS-670 Pro x2 (i7-3770s 16GB) / TS-870 Pro (i7-3770 16GB) / TVS-871 (i7-4790s 16GB)
H/W: QNAP TVS-871 (i7-4790. 16GB) (Plex server) / TVS-EC1080 (32Gig ECC) - VM host & seedbox
H/W: Asustor AS6604T (8GB) / Asustor AS7010T (16GB) (media storage)
H/W: TS-219 Pro / TS-509 Pro
O/S: Slackware 14.2 / MS Windows 7-64 (x5)
Router1: Asus RT-AC86U - Asuswrt-Merlin - 386.7_2
Router2: Asus RT-AC68U - Asuswrt-Merlin - 386.7_2
Router3: Linksys WRT1900AC - DD-WRT v3.0-r46816 std
Router4: Asus RT-AC66U - FreshTomato v2021.10.15
Misc: Popcorn Hour A-110/WN-100, Pinnacle Show Center 250HD, Roku SoundBridge Radio (all retired)
Ditched QNAP units: TS-269 Pro / TS-253 Pro (8GB) / TS-509 Pro / TS-569 Pro / TS-853 Pro (8GB)
TS-670 Pro x2 (i7-3770s 16GB) / TS-870 Pro (i7-3770 16GB) / TVS-871 (i7-4790s 16GB)