QNAP, a Taiwan-based network-attached storage (NAS) vendor, warned its NAS customers to make sure they’re using strong passwords, have the latest version of its QTS firmware installed and are staying vigilant about their device’s security in response to Anomali’s disclosure of the eCh0raix Ransomware earlier this month.
QNAP published a security advisory for its NAS customers, which warns them about the dangers this ransomware can pose, while also listing several “Recommendations” for as-of-yet unaffected users to follow to prevent infection.
These steps include updating QTS to the latest version, installing and updating Malware Remover, using a “Stronger” administrator password (it’s unclear what they mean by this), enabling Network Access Protection, disabling SSH and Telnet, and avoiding the use of ports 443 and 8080. For anyone who has been hit by the eCh0raix ransomware, QNAP says it’s “working on a solution” to remove the malware, and will release it at the “soonest possible time.”
It’s been roughly two weeks since the advisory was posted, and it doesn’t appear to have been updated with any information regarding this solution, so it is likely still in development.