URGENT! Security Advisory for Malware QSnatch
-
Sunday, 3rd November, 2019
-
13:04pm
Security Advisory for Malware QSnatch
- Release date: November 1, 2019
- Security ID: NAS-201911-01
- Severity: High
- CVE identifier: N/A
- Affected products: QNAP NAS devices
Summary
The QSnatch malware is reportedly being used to target QNAP NAS devices. The National Cyber Security Center Finland (NCSC-FI) has received reports via the Autoreporter service in mid-October about infected devices attempting to communicate with specific command-and-control (C2) servers.
No other vulnerabilities have been found in the current investigation on the malware. We have added rules to remove the QSnatch malware and released Malware Remover 3.5.4.0 and 4.5.4.0.
If you have any questions regarding this issue, contact us through the
QNAP Helpdesk.
Recommendation
Follow the instructions listed on the
QNAP Website, or
contact our support centre to arrange a technician to complete it for you.
Revision History: V2.0 (November 2, 2019) - Updated
V1.0 (November 1, 2019) - Published
