Jump to content
RESET Forums (homeservershow.com)

Malware affecting QNAP NAS's

Al_Borges

By Al_Borges,
in QNAP

 Share

Recommended Posts

Al_Borges HSS Champion

Al_Borges

Posted
Posted

still trying to get out from under a situation where my QNAP has been borked

 

apparently  QNAP NAS'S has been subjected to MALWARE infection

 

https://www.qnap.com/en-us/security-advisory/nas-201902-13

 

I still have access to my shares but I cant access most of my apps nor update or install anything

 

QNAP Tech support responded  and is logged into my machine

 

This happened after I went ahead and installed firmware update  a week ago 

 

don't know if I can recover or if I would even trust this box without a full reinitialize

 

fortunately,  I did a full system backup before the firmware upgrade -  so I have that going for me at least

 

Something is fishy -  QNAP issued 3 firmware updates during March

 

So those running QNAP NAS's   take heed

 

and for you Synology users -    smile, but recheck your security processes !!!

 

Link to comment
Share on other sites
Tedster HSS Member

Tedster

Posted
Posted

That's not good! I do hope you get a positive outcome but I'd be tempted to wipe the unit and start afresh.

 

I have a Synology unit myself. With my circumstances, I'm able to leave it restricted to my internal LAN. Every time I hear something like this, I'm kinda glad that I do!

Link to comment
Share on other sites
Al_Borges HSS Champion

Al_Borges

Posted
  • Author
Posted

UPDATE:    The QNAP SUPPORT GUY was great and was logged on for almost an Hour Friday Night

 

But he couldn't get it fixed -   He told me that he was going to escalate this and get back to me this week.

 

Wasn't sure that even if were fixed,  I could trust it.

 

so after verifying that I had good backups,   I reinitialized the NAS and reformated all the data disks

 

Loading in the backup files now -   

 

The process wasn't difficult nor did it require a lot of touch time -   but a lot of downtime  ~  8 hours for building the raid and going on 12 hours to load in the data

 

cant help but think that someone hacked the firmware update -  it happened immediately after I installed one

 

The biggest challenge in security now and in the future will be moles infiltrating previously trusted spaces
 
again,  I am not going to install any firmware update that is newer than a month going forward,  My NAS was working fine and the "updates"  didnt add anything of value to warrant the risk.
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...