Qlocker 랜섬웨어 경고(큐냅 나스 공격 랜섬웨어)

4월 23일 QNAP으로부터 비정기 메일이 도착했다.

 

제목:

Response to Qlocker Ransomware Attacks: Take Actions to Secure QNAP NAS

내용을 보니 큐냅 나스를 공격하는 랜섬웨어가 발생했고 피해를 방지하기 위해서 즉시 조치를 취하라는 내용이었다.

• Malware Remover 최신으로 설치 검사
• Multimedia Console 업데이트
• Media Streaming Add-on 업데이트
• Hybrid Backup Sync 업데이트
• 어려운 비밀번호로 변경
• 기본 8080 관리포트 변경

등의 조치 내용이 담겨있었다.

바로 관리하고 있는 큐냅 나스들의 업데이트를 진행했다.

 

아래는 큐냅에서 온 메일의 전문이다.
큐냅 사이트에서 확인가능하다. (여기)

 

---

2021-04-22

Response to Qlocker Ransomware Attacks: Take Actions to Secure QNAP NAS

Taipei, Taiwan, April 22, 2021 – QNAP® Systems, Inc. (QNAP), a leading computing, networking and storage solution innovator, today issued a statement in response to recent user reports and media coverage that two types of ransomware (Qlocker and eCh0raix) are targeting QNAP NAS and encrypting users’ data for ransom. QNAP strongly urges that all users immediately install the latest Malware Remover version and run a malware scan on QNAP NAS. The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. QNAP is urgently working on a solution to remove malware from infected devices.

 

QNAP has released an updated version of Malware Remover for operating systems such as QTS and QuTS hero to address the ransomware attack. If user data is encrypted or being encrypted, the NAS must not be shut down. Users should run a malware scan with the latest Malware Remover version immediately, and then contact QNAP Technical Support at https://service.qnap.com/.

 

For unaffected users , it's recommended to immediately install the latest Malware Remover version and run a malware scan as a precautionary measure. All user should update their passwords to stronger ones, and the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version. Additionally, users are advised to modify the default network port 8080 for accessing the NAS operating interface. Steps to perform the operation can be found in the information security best practice offered by QNAP (https://qnap.to/3daz2n). The data stored on NAS should be backed up or backed up again utilizing the 3-2-1 backup rule, to further ensure data integrity and security.

 

For details, please refer to the QNAP security advisory QSA-21-11 (https://qnap.to/3eq7hy) and QSA-21-13 (https://qnap.to/3dygse).

 

QNAP Product Security Incident Response Team (PSIRT) constantly monitors the latest intelligence to deliver up-to-date information and software updates, ensuring data security for users. Once again, QNAP urges users to take the above-mentioned actions and periodically check/install product software updates to keep their devices away from malicious influences. QNAP also provides the best practice for improving personal and organizational information security. By working together to fight against cybersecurity threats, we make the Internet a safer place for everyone.

 

 

About QNAP Systems, Inc.

 

QNAP (Quality Network Appliance Provider) is devoted to providing comprehensive solutions in software development, hardware design and in-house manufacturing. Focusing on storage, networking and smart video innovations, QNAP now introduce a revolutionary Cloud NAS solution that joins our cutting-edge subscription-based software and diversified service channel ecosystem. QNAP envisions NAS as being more than simple storage and has created a cloud-based networking infrastructure for users to host and develop artificial intelligence analysis, edge computing and data integration on their QNAP solutions.

 

Media Contacts

 

marketing@qnap.com