QNAP has been hit by weak password attacks targeting NAS devices exposed to the Internet. Luckily, the company managed to block most of the attacks by finding the command and control center with the help of Digital Ocean.
As Bitdefender's telemetry has revealed many times, NAS devices are among the most-targeted devices in people's homes. It's also not the first time QNAP NAS devices have been under this attack.
The company recently announced that it detected a new wave of attacks focused on weak passwords. Of course, NAS devices exposed to the Internet became the target, as criminals tied to log in.
"QNAP detected this activity at 6:42 PM on October 14, 2023," explained the company. "The QNAP Product Security Incident Response Team (QNAP PSIRT) swiftly took action by successfully blocking hundreds of zombie network IPs through QuFirewall within 7 hours, effectively protecting numerous internet-exposed QNAP NAS devices from further attack."
What makes this attack stand out is the company's response, which figured out a way to stop the attacks at the source.
"Within 48 hours, they also successfully identified the source C&C (Command & Control) server and, in collaboration with the cloud service provider Digital Ocean, took measures to block this C&C server, preventing the situation from escalating further," the company explained.
QNAP also offered several pieces of advice to spare others the same problem.
We can also add to that list that it's a good idea to deploy multi-factor authentication whenever possible and to make sure the password used for authentication on NAS is unique and not deployed on other online services, no matter how complex or strong it might be.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsNovember 14, 2024
September 06, 2024