CyberNews Briefs

62,000 QNAP NAS devices infected with persistent QSnatch malware

The US CISA and UK NCSC have warned that there are roughly 62,000 QNAP Network Attached Storage devices infected with malware. The compromised devices are located across the globe and are allowing unknown cyber actors to access stored information. The malware variant targeting the QNAP devices has been named QSnatch and targets QTS, which is the Linux-based OS powering the devices.

The malware is able to steal credentials, create an SSH backdoor, and a web shell, as well as exfiltrate files and prevent users from installing updates. Variants of the QSnatch malware have been around since at least 2019, as two agencies have identified campaigns aimed at spreading it. Experts report that the malware appears to be injected into the device firmware during the infection stage, and the malicious code runs within the device after initial infection to compromise the device.

Read More: 62,000 QNAP NAS devices infected with persistent QSnatch malware

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.