In the run-up to Christmas, hundreds of QNAP Network Attached Storage (NAS) owners have fallen victim to ransomware attacks. According to Malware Hunter Team, the attacks involve new versions of the eCh0raix ransomware, also known as QNAPCrypt.
A NAS actually consists of one or more hard drives that are connected to the user’s network. This allows you to access the files on the NAS from any computer, laptop or phone that is connected to this network. This personal form of cloud storage is therefore widely used by people for important data, backups and, for example, photos with a lot of sentimental value.
It seems that these attacks mainly affect users who have not configured their NAS properly. As a result, it may inadvertently be accessed via the Internet. In combination with a simple or standard password, this makes it relatively easy for the attackers to take over the NAS. In addition, it seems to some users that attackers have penetrated through a vulnerability in the QNAP photo application Photo Station.
Expensive Christmas surprise
According to Bleeping Computer, the attackers in this series of attacks demand between $1,400 and $3,000, depending on the amount of data. Many users did not have a backup of the NAS and thus have been forced to pay the attackers to get their files back for the time being. It is important to know that there is a free decryptor available for previous versions of the ransomware used. No decryptor is yet available for the 1.04 and 1.05 versions that were used in this attack.
The most vulnerable time of the year
During the holidays, many IT employees are free and digital emergency services are difficult to reach. Christmas is also often the time when users go through their collection of photos with their family. That is often the reason to attack users right now because it puts extra pressure to pay and solve the problem quickly.
Christmas is also a lucrative period for the digital burglar and ordinary citizens are still at risk despite the ransomware focus on companies. If you have a QNAP NAS, make sure that you also use the security tips QNAP prepared during a previous wave of attacks against QNAPCrypt.
Catch up on more articles here
Follow us on Twitter here