Hard to remove, threat vector opaque, attackers unknown…
Mystery attackers have infected 62,000 network attached storage (NAS) devices worldwide from Taiwan’s QNAP with sophisticated malware that prevents administrators from running firmware updates. Bizarrely, years into the campaign, the specific threat vector has still not been publicly disclosed.
The QSnatch malware is capable of a wide range of actions, including stealing login credentials and system configuration data, meaning patched boxes are often swiftly re-compromised, the NCSC warned this week in a joint advisory [pdf] with the US’s CISA, which revealed the scale of the problem.
The cyber actors responsible “demonstrate an awareness of operational security”, the NCSC said, adding that their “identities and objectives” are unknown. The agency said about 3,900 QNAP NAS boxes have been compromised in the UK, 7,600 in the US and an alarming 28,000-plus in Western