News Cryptojackers Target QNAP's NAS Products Once Again

[Admin]

QNAP said in a security advisory that its NAS products are being targeted by "cryptojacking" malware.

Cryptojackers Target QNAP's NAS Products Once Again : Read more

 

[jeremyj_83]

QNAP flagship products have much better CPUs than Intel Celerons. We have one where I work that has a Ryzen 1700. Newer ones I've seen have Ryzen 3700X, Epyc 7302p, Xeon E 2236, etc...

 

[daeros]

I’m not here to bat for QNAP, but their flagship devices have much better than a Celeron. I just deployed a pair of TS-H2490FU SANs, and they have AMD Epyc 7302 processors and 256GB of RAM each. They also have some with dual active controllers with i7 and their Xeon equivalents.

 

[kal326]

QNAP: Let’s all these mostly useless cloud integration apps and services to our decides to try to spin it as value added.

Also QNAP: Don’t expose your NAS to the internet if all possible. How if you do, don’t do it in the was that our click out of the box setup tells you too.

I had one unit getting pounded by failed default administrative account login attempts years ago with just their cloud link enabled which evidently was enough to expose the public endpoint to the world to try to brute force. Luckily that account was disabled and replaced with a none standard. Seems they have been getting hacked left and right though.

 

[punkncat]

Synology faces the same issues.

The control panel for the NAS will throw a message every now and again to tell you the password you are using may have been compromised. On its own it seems sort of a built in, time related thing, but in conjunction with the MS and Apple programs that search for breeched passwords is immediate cause to do so.