Qnap has its own anti-malware tool, a feature update to Qlocker-ransomware removal which managed to infect recent days hundreds of NAS systems. According to QNAP, the attackers are exploiting known vulnerabilities in the multimedia console, media streaming add-on and Hybrid Backup Sync to access NAS systems and then install the ransomware. It encrypts files on the NAS and demands 450 euros for decrypting the data.
QNAP advises users to update to the most recent version of the mentioned software. It is also recommended to run the Malware Remover tool on the NAS system. In case data is encrypted, victims must first perform a scan and then contact the QNAP help desk. The NAS system should not be turned off.
Also unaffected users are advised to install the latest version of the Malware Remover as a precaution. Furthermore, QNAP recommends changing the default port 8080 for accessing the NAS system, backing up the data on the NAS and using a strong password.