News Hackers Exploit QNAP Vulnerabilities to Turn NAS Devices Into Crypto Miners

[Admin]

Researchers claim that vulnerabilities in QNAP's products have been exploited to turn NAS devices into crypto miners.

Hackers Exploit QNAP Vulnerabilities to Turn NAS Devices Into Crypto Miners : Read more

 

[NightHawkRMX]

@USAFRet I know you have a qnap and might find this information useful.

 

[scottsoapbox]

Nathaniel, They would be offloading the costs of crypto mining to their victims, not offsetting them.

 

[USAFRet]

@USAFRet I know you have a qnap and might find this information useful.

Thanks.
Easy to mitigate:

1. Don't have the thing accessible to the outside. Or if you do, push only. No incoming.
2. Disable the original admin acct. New accounts and strong passwords.
3. Firmware. QNAP pushes out a new one every 4-6 weeks. If you're still on a firmware version of pre Aug 2020, you're a fool (just like regular Windows/Linux/Apple OS updates)
4. Disable UPnP

 

[atomicWAR]

Me, "I have a bag of potatoes."

Crypto Miner, "I can get 5 MH/s with those with the proper materials and tuning!"

 

[Integr8d]

This exact same thing happened to Synology like 7 or 8 years ago. You had to ssh in to look at the pids to see if you’d been affected. The activity was hidden from the GUI. Clever stuff. But undoubtedly far more effective back then.