QSnatch malware infects 62,000 QNAP NAS devices around the globe

QSnatch malware has been reported to increase its bots exponentially around the globe.

Researchers have recently found that QSnatch malware that started with 7,000 bots has increased exponentially and has deployed 62,0000 bots around the globe. The malware has been infecting network-attached storage (NAS) devices from Taiwanese device maker QNAP.

The research teams have found that the latest version of malware has various updated features which include CGI password logger, credential scraper, SSH backdoor, Exfiltration,  Webshell functionality for remote access, etc.

QSnatch malware is injected into the firmware, from where it takes full control of the device and then blocks future updates to the firmware to survive on the victim NAS. Researchers have claimed that some of the vulnerabilities of QNAP lead the malware to enter and infect user devices.

QSnatch group’s server infrastructure that was used in the second series of attacks is now down, but that QSnatch infections still remain active around the internet, on infected devices. The research team has requested the organization to send out security patches to cover up the vulnerabilities.

NPAV recommends users to keep your firmware updated, and always download the updates from trusted sources. These updates contain security patches which will protect your systems from getting exploited by hackers.

Install NPAV on your devices and stay protected from all kinds of malware attacks. NPAV provides best in class security from all kinds of cyber attacks.

Use NPAV and join us on a mission to secure the cyber world.


Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *