Your review has been sent successfully

QNAP Alert

2110
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

7 December, 2021

● High

2021-3988

All

Description:

QNAP has released security alert to address a security issue where bitcoin miner is targeting the following product:

  • All QNAP NAS

Threats:

bitcoin miner cause the infected product to be overwhelmed resulting in Denial of service attack (DoS).

Best practice and Recommendations:

The CERT team encourages users to apply the following best practices:

To protect your device from infection, we recommend the following actions:

  • Update QTS or QuTS hero to the latest version.
  • Install and update Malware Remover to the latest version.
  • Use stronger passwords for your administrator and other user accounts.
  • Update all installed applications to their latest versions.
  • Do not expose your NAS to the internet, or avoid using default system port numbers 443 and 8080.

If you suspect your NAS has been infected with the bitcoin miner, restarting the NAS may also remove the malware.

Updating QTS or QuTS hero:

  • Log on to QTS or QuTS hero as administrator.
  • Go to Control Panel > System > Firmware Update.
  • Under Live Update, click Check for Update.
  • QTS or QuTS hero downloads and installs the latest available update.

Updating Malware Remover:

  • Log on to QTS or QuTS hero as administrator.
  • Open the App Center and then click the search icon .
  • A search box appears.
  • Enter "Malware Remover".
  • Malware Remover appears in the search results.
  • Click Update.
  • A confirmation message appears.
  • Note: The Update button is not available if your Malware Remover is already up to date.
  • Click OK.
  • The application is updated.

Changing an Administrator Password:

  • Log on to QTS or QuTS hero as administrator.
  • Click the profile picture on the QTS or QuTS hero Task Bar.
  • The Options window opens.
  • Click Change Password.
  • Specify the old password.
  • Verify the new password.
  • Click Apply.

Changing User Passwords

  • Log on to QTS or QuTS hero as administrator.
  • Go to Control Panel > Privilege > Users.
  • Select a user.
  • Click Change Password.
  • The Change Password window appears.
  • Specify the old password.
  • Specify the new password.
  • Verify the new password.
  • Click Apply.
  • Repeat the above steps to change passwords for other users.

Updating All Installed Applications:

  • Log on to QTS or QuTS hero as administrator.
  • Go to App Center.
  • Select My Apps.
  • Next to Install Updates, click All.
  • A confirmation message appears.
  • Click OK.
  • QTS or QuTS hero updates all your installed applications to their latest versions.

Changing the System Port Number:

  • Log on to QTS or QuTS hero as administrator.
  • Go to Control Panel > System > General Settings > System Administration.
  • Specify a new system port number.
  • Warning: Do not use 443 or 8080.
  • Click Apply.
  • QTS or QuTS hero applies the new system port number.

Last updated at 7 December, 2021

Rate the content

rate-icon
up icon