Quelle: Heise
Bereits am 07.01.2022 hat QNAP ein Sicherheitsmeldung herausgegeben, welches die Besitzer eines QNAP NAS dringend auffordert Maßnahmen zu ergreifen um Ihr NAS zu schützen. Anschließend solle umgehend auf die aktuellste QTS-Version (5.0.0.1891 build 20211221) gewechselt werden.
Die Angreifer behaupten, eine Zero-Day-Schwachstelle in den Geräten entdeckt zu haben und nutzen diese aus, um eine Ransomware-Bedrohung zu verbreiten. Die Angriffe wurden erstmals am 25. Januar 2022 bemerkt. Betroffene Benutzer stellten fest, dass ihre auf QNAP-Geräten gespeicherten Dateien nicht mehr zugänglich waren und nun „.deadbolt“ als neue Dateierweiterung an ihren Namen angehängt wurde.
Scheinbar geht es aber QNAP nicht schnell genug und verteilt nun das Firmware Update Zwangsweise.
„Qnap must let us know how and why they did this. People have so many different configurations on their machines, that may or may not function well on new updates. That Qnap needs to explain why the forced update was necessary and how they did it.“
We are trying to increase protection against deadbolt. If recommended update is enabled under auto-update, then as soon as we have a security patch, it can be applied right away.
Back in the time of Qlocker, many people got infected after we had patched the vulnerability. In fact, that whole outbreak was after the patch was released. But many people don’t apply a security patch on the same day or even the same week it is released. And that makes it much harder to stop a ransomware campaign. We will work on patches/security enhancements against deadbolt and we hope they get applied right away.
I know there are arguments both ways as to whether or not we should do this. It is a hard decision to make. But it is because of deadbolt and our desire to stop this attack as soon as possible that we did this.
Quelle: Reddit
Das automatische Update kann zu einem Problem führen, sollte iSCSI genutzt werden.
Hello all,
Just thought I would give everyone a heads-up. A couple of our QNAPS lost ISCSI connection last night. After a day of tinkering and pulling our hair out we finally found it was because of the update. It has not done it for all of the QNAPs we manage but we finally found the resolution.
In „Storage & Snapshots > ISCSI & Fiber Channel“ right-click on your Alias (IQN) select „Modify > Network Portal“ and select the adapter you utilize for ISCSI.
All fixed. I hope this helps someone.
Quelle: Reddit