Threat Watch

QNAP Warns Users of Dovecat Malware

QNAP is a popular manufacturer of Network Attached Storage (NAS) devices that provides storage solutions for personal home users as well as enterprise solutions. The company is now urging customers to secure their devices against Dovecat malware that infects and exploits the devices to mine Bitcoin. Users have reported that this malware campaign has been active for about three months, with some customers stating that once infected, their devices have been rendered all but unusable. Synology, another NAS provider, has not yet issued an advisory but some of their customers are reporting similar problems. This is not the first time QNAP devices have come under attack with previous attacks from eChoraix Ransomware and AgeLocker Ransomware. The QNAP team has made this new attack a priority to develop a malware removal solution.

ANALYST NOTES

QNAP has provided a list of best practices to defend devices from future attacks. Users are recommended to keep their device and apps updated with the latest security definitions, use stronger admin passwords, install a firewall on the device, disable unused services and apps, avoid using default port numbers, install the company’s malware remover program, enable Network Access Protection that can protect against brute force attacks, and disable SSH and Telnet services if not used.

Source Article: https://www.bleepingcomputer.com/news/security/qnap-warns-users-to-secure-nas-devices-against-dovecat-malware/