The Latest QNAP Networks News
Product and Solution Information, Press Releases, Announcements

Taipei, Taiwan, July 12, 2019 - QNAP® Systems, Inc. (QNAP), a leading computing, networking and storage solution innovator, today issued a statement in response to recent user reports and media coverage that a new variant of ransomware named eCh0raix is targeting QNAP NAS and encrypting users’ data for ransom. QNAP strongly urges all users to take steps listed in the corresponding QNAP Security Advisory (https://www.qnap.com/go/security-advisory/nas-201907-11) to secure their QNAP NAS, while QNAP is urgently working on a solution to remove malware from infected devices.

According to user reports, infected QNAP NAS are either with older versions of QTS, or had recorded multiple unrecognized login attempts before eCh0raix began encrypting users’ data. A strong password shall be used to prevent brute force attacks. To minimize risks of being infected by eCh0raix, QNAP strongly urges all NAS users to take the following actions:

• Update QTS to the latest version.
• Install and update Malware Remover to the latest version.
• Use a stronger admin password.
• Enable Network Access Protection to protect accounts from brute force attacks.
• Disable SSH and Telnet services if not in use.
• Avoid using default port numbers 443 and 8080.

These actions can further enhance NAS security and make it harder for eCh0raix to get into QNAP NAS. For detailed instructions, please refer to the Security Advisory.

The QNAP Security Response Team is now working on a solution to remove eCh0raix from infected devices. QNAP would also like to acknowledge and thank Anomali and Intezer for their contributions to the investigation.