As per QNAP and Finish Cyper Security team recommendation, disconnect QNAP devices from the internet until further notice!
With that said, I assume many here are running a NAS of some sort. The WD and Synology users are not affected this time, QNAP however is massively.
Just want to make sure noone looses their collection to some malware.
Interesting, I would have expected more attacks on something like wd or synology
Synology recently took a lot of different crypto trojans.
And as NASes are about as abundant as unsecured smart devices, an obvious target.
Yes agreed, they can be a pretty good target and security flaw
With the amount of this that flies arround the internet, I am wondering why people put up with ISP provided “routers”.
While roling PFSense at home may be a bit much, proper gear from Netgear, Dell, HPE, Cisco or MikroTik does come in cheap and provides much better security (and features).
Yes, I agree, I really don’t like when isps force a home router and modem on people. Also in the us isps can just sell your data and you can do nothing, so I mean you already don’t have any privacy lol
Unless you desperately need outside access I would turn off any ports to the outside world…especially default ones
That’s another thing people don’t have, a properly configured firewall lol
Bumping this thread, because the same thing happened (again) and another fun hard-coded credentials problem surfaced.