Crime and punishment: how QNAP experts repelled a cyberattack and disabled the hackers' C2 server

Carding 4 Carders

Taiwanese experts have dealt a powerful blow to the cybercrime infrastructure.

QNAP, a Taiwanese manufacturer of network equipment, recently fended off a cyberattack targeting Internet-exposed network-attached storage (NAS) systems with weak passwords.

On the evening of October 14, the company detected a flurry of attacks and, with the support of the cloud provider DigitalOcean, disabled the attackers' command and control server (C2 server), which managed a botnet of hundreds of infected systems.

The QNAP Product Security Incident Response Team (QNAP PSIRT) blocked hundreds of "zombie networks" in 7 hours using the company's proprietary QuFirewall software, protecting many QNAP NAS devices from further attacks.

"Within 48 hours, we also successfully identified the source of the C2 server and, together with the cloud provider DigitalOcean, took measures to block it," the company said.

QNAP representatives rated these actions highly. According to them, the response not only helped QNAP NAS users avoid damage, but also protected users of other network storage from this wave of attacks.

Although the attack was successfully repelled, attackers rarely sit idle, so QNAP urged customers to strengthen the protection of their devices themselves: change the standard access ports, deactivate port forwarding on routers and UPnP on the NAS, apply secure password policies, and disable the administrator account on endpoints.

Cybercriminals often target NAS devices to steal or encrypt valuable documents. Recent attacks on QNAP devices have included campaigns using DeadBolt, Checkmate, and eCh0raix ransomware. In 2021, Synology warned the public that its devices were being targeted by the StealthWorker botnet.
 