Network-attached Storage (NAS) device maker QNAP has published a security advisory to alert of malware targeting its NAS devices.
Rated High severity, the alert reveals that some QNAP storage appliances are affected by a recently reported malicious program, but doesn’t offer details on which products are impacted.
“A recently reported malware is known to affect QNAP NAS devices. We are currently analyzing the malware and will provide the solution as soon as possible,” reads the advisory from the Taiwanese company.
QNAP NAS customers are advised to manually update Malware Remover to the latest version, to make sure the QTS software running on the device is up to date, and to also update all applications on storage devices.
The advisory also provides customers with information on how to update the Malware Remover, QTS, and the applications on the NAS, but offers little in terms of information regarding the malware affecting these devices.
For several weeks, users took it to the QNAP NAS Community Forum to complain about issues with their devices, but the company only appears to have started an investigation into the issue last week, following an article on The Register.
Infected devices apparently make a large number of requests to IP address 0.0.0.0.
Users posting on the forum report that the most common issues they observed included firmware and antivirus failing update checks, and inability to install the Malware Remover. Some say that even the manual installation fails.
QNAP has apparently updated the Malware Remover script and users who run the latest version should be able to clear the infection.
Malware targeting QNAP NAS appliances isn’t new. In fact, the company’s storage devices have been among those targeted by the VPNFilter attack that hit a critical infrastructure organization in Ukraine last year.
Related: VPNFilter Targets More Devices Than Initially Thought
Related: Critical Vulnerabilities Patched in QNAP Storage Devices
Ionut Arghire is an international correspondent for SecurityWeek.
Tags: 
