QNAP warns users of a new crypto-miner named Dovecat infecting their devices

QNAP says the malware is targeting NAS devices with weak passwords.

Taiwanese hardware vendor QNAP has published a security advisory today warning customers of a new malware strain named Dovecat that is currently targeting its line of network-attached storage (NAS) devices to abuse local resources and mine cryptocurrency behind users' backs.

The company said the malware is currently spreading by connecting to QNAP NAS systems left exposed online using weak passwords.

Today's security advisory comes after the company began receiving reports from its users last year about two unknown processes —named dovecat [1, 2] and dedpma— that were running non-stop and consuming the device's memory.

Matthew Ruffell, a Canonical software engineer and the founder of Dapper Linux, analyzed the malware last year when it found it on an Ubuntu system.

According to his analysis, the malware was capable of infecting any Linux system but appeared to have been specifically designed for the internal structure of QNAP NAS devices.

The use of the "dovecat" process name wasn't accidental either, as the malware tried to pass as Dovecot, a legitimate email daemon that ships with the QNAP firmware and many Linux distros.

But as Ruffell pointed out, Dovecat attacks were indiscriminate. Similar infections were also reported by users of Synology NAS devices, where the malware also appeared to have managed to run without problems.

Since the infection vector was linked to weak passwords, to prevent infections with this new threat, QNAP told users to:

Use stronger admin passwords.
Use stronger passwords for database administrators.
Disable SSH and Telnet services if not in use.
Disable unused services and apps.
Avoid using default port numbers (80, 443, 8080 and 8081).
Update QTS to the latest version.
Install the latest version of Malware Remover.
Install Security Counselor and run with Intermediate Security Policy (or above).
Install a firewall.
Enable Network Access Protection to protect accounts from brute force attacks.
Follow best practices for enhancing NAS security.

But in the grand scheme of things, Dovecat is not the first malware strain to target QNAP devices.

QNAP storage systems were also previously targeted by the Muhstik ransomware, the QSnatch malware, the ec0raix ransomware, and the AgeLocker ransomware.

Source: zdnet.com

PS. In our blog pages we got hidden links where you can earn cryptocurrency for free.

Comments

Cryptocurrencies Adding to the Safety and Security in the UK Gambling Industry

These are exciting times for the UK gambling industry. The impact of internet technology is now being felt with online gambling now controlling the industry. The adoption of cutting-edge technology is reasonable for the boom in the industry. From live casinos, mobile apps to artificial intelligence, incredible trends continue shaping the gambling industry. However, it is the rise of cryptocurrency casinos that seeks to redefine UK gambling. Many operators now include crypto coins such as bitcoin, Ethereum and Litecoin as part of their banking methods. Others offer exclusive bitcoin payments and promotions based on digital tokens. This revolutionary trend has a huge impact due to enhanced safety and security on these platforms. Players looking for peace of mind when playing online now opt to use cryptocurrencies. This post looks at how cryptos guarantee the safety and security of players at online casinos. How Cryptocurrency Gambling Works There’s a lot of talk about cryptocurrency,

Will Solana (SOL) Be the Shining Star of the Bull Market?

About 250,000 to 700,000 SOL have been sold daily by FTX for the last three weeks. SOL’s price jumped above $60, as GSOL’s premium also increased. While the price may retrace, it may not take long before SOL hits $70. Despite being a notable casualty of the FTX contagion in 2022, Solana (SOL) has defied all odds in 2023, as the price continues to outshine its peers. In the last 30 days, the value of SOL has increased by 180%, rising as high as $62 on November 11. However, the rising price of SOL is not the only interesting thing the token has shown by the token. For a token that was once described as dead, it has shown tremendous strength. Coin Edition came to this conclusion because of a post by trader Bluntz Capital. The Big Players Are Here According to Bluntz, FTX, after getting the go-ahead to liquidate its assets, has been selling around 250,000 to 700,000 daily for the last three weeks. Regardless of the sales, SOL has failed to nosedive. Rather, the price has chosen the upside

Terra Classic Community Passes Major Constructive Proposal, LUNC And USTC To $1?

The Terra Luna Classic community has passed another key proposal as they prepare for a revival of Terra Luna Classic (LUNC) and repeg USTC stablecoin to $1. The proposal aimed at having a guideline for a pay-per-job approach on the Terra Classic chain as core developer L1TF goes into maintenance mode for Q4. Meanwhile, the community is also collaborating on other fronts to keep LUNC and USTC above key support levels as traders started booking profits amid the latest pullback in the crypto market. Terra Luna Classic Passes Pay Per Job Proposal Proposal 11889 “Pay-per-job and governance-ruled Job List” has passed successfully. The proposal deemed the monthly model of roadmap and payment planning as suboptimal and plans to switch to a pay-per-job model. The proposal has received 91.99% “Yes” votes, with others mostly voting “Abstain”. The community believes it will optimize compensation structure, provide flexibility and transparency, boost community engagement, and risk mitigation. A

Crypto Ethone

Search This Blog