News Cryptojackers Target QNAP's NAS Products Once Again

daeros

Distinguished
Jan 29, 2009
34
3
18,535
0
I’m not here to bat for QNAP, but their flagship devices have much better than a Celeron. I just deployed a pair of TS-H2490FU SANs, and they have AMD Epyc 7302 processors and 256GB of RAM each. They also have some with dual active controllers with i7 and their Xeon equivalents.
 

kal326

Distinguished
Dec 31, 2007
1,189
52
19,370
1
QNAP: Let’s all these mostly useless cloud integration apps and services to our decides to try to spin it as value added.

Also QNAP: Don’t expose your NAS to the internet if all possible. How if you do, don’t do it in the was that our click out of the box setup tells you too.

I had one unit getting pounded by failed default administrative account login attempts years ago with just their cloud link enabled which evidently was enough to expose the public endpoint to the world to try to brute force. Luckily that account was disabled and replaced with a none standard. Seems they have been getting hacked left and right though.
 

punkncat

Distinguished
Ambassador
Synology faces the same issues.

The control panel for the NAS will throw a message every now and again to tell you the password you are using may have been compromised. On its own it seems sort of a built in, time related thing, but in conjunction with the MS and Apple programs that search for breeched passwords is immediate cause to do so.
 

ASK THE COMMUNITY