At the end of April 2021, QNAP brand Network-attached storage (NAS) devices were attacked worldwide.  QNAP NAS users suddenly found that the files stored on the devices were encrypted.

Cybercriminals scanned for QNAP NAS devices connected to the Internet. They exploited their vulnerabilities using a backdoor account to hack into QNAP NAS devices and encrypt stored files. The ransomware affected the files by changing the extensions of the original files to the “.7z” extension. So, the attack victims discovered that their encrypted files were stored in password-protected 7zip archives. The ransomware also uploaded the “Read me.txt” text files to the affected folders stating that the files were encrypted. The cyber attackers demanded to pay ransom in bitcoin currency to decrypt the compromised users’ files and not leak personal data.

As small-to-medium business owners commonly use QNAP NAS devices for network storage, they should be aware of the still happening attacks. There are updates available for the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to fix the vulnerabilities. Also, it is crucial to install the latest QNAP firmware to protect your device against these ransomware attacks. In addition, there are some best practice steps recommended by QNAP to enhance NAS devices security

If cybercriminals attacked your QNAP NAS device and your files were encrypted, DO NOT pay the ransom payment demanded by the attackers. By paying the cybercriminals, you encourage them to create new ransomware, which can harm many people around the world. Please contact Circuit Networks IT professionals, and we will find a solution to decrypt your files and get your data back. We will also install all the security updates required by your QNAP NAS device according to the best practice recommended by QNAP.  Keeping your security updates and patches up-to- will allow you to avoid future attacks and keep your information stored on the QNAP NAS device protected.

Please contact Circuit Networks on (02) 5104 9899 or fill out our contact form.