QNAP NAS Devices Targeted Now by Another Cryptocurrency Mining Malware

Yesterday, QNAP (Quality Network Appliance Provider), the provider of solutions in fields like hardware design, in-house manufacturing, or software development having its focus on video innovation, storage, and networking, published a security alert on their website informing about a new cryptocurrency mining malware that has started to target its devices.  Customers are required to implement straight off some preventive measures.

A bitcoin miner has been reported to target QNAP NAS. Once a NAS is infected, CPU usage becomes unusually high where a process named “[oom_reaper]” could occupy around 50% of the total CPU usage. This process mimics a normal, legitimate kernel process with the same name. However, while the legitimate kernel process PID is usually below 1000, the bitcoin miner PID is usually greater than 1000.

Source

The company wrote that a current investigation is ongoing on this topic, however, data related to the initial vector access vector has not been provided.

Mitigation Measures Recommended by QNAP

Following this news, QNAP made also some recommendations for its clients on how to keep their devices protected:

The QTS or QuTS hero should be updated to the most recent version; Malware Remover should be also installed and updated to the most

Read More: https://heimdalsecurity.com/blog/qnap-nas-devices-are-now-being-targeted-by-another-cryptocurrency-mining-malware/