QNAP: QSnatch malware still active on over 60,000 devices
At the end of 2019, it was announced that there was an actively exploited vulnerability in QNAP NAS devices. At that time, QNAP issued a warning about the malware called QSnatch, which takes advantage of the vulnerability in QNAP's system. The malware steals access data and may be able to reload additional modules in order to cause further damage later. The Federal Office for Information Security (BSI) stated that based on sinkhole data as of November 2019, it was assumed that 7,000 devices in Germany were already infected.
The United States' Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom's National Cyber Security Center (NCSC) have now issued a joint statement referring to QSnatch – because there are still said to be around 62,000 NAS devices, that have not been patched and are now infected. To prevent infections with QSnatch malware, the authorities recommend taking the measures recommended in the November 2019 QNAP Info. Around 46 percent of the approximately 62,000 infected NAS devices are said to work in Western Europe.