fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

AgeLocker Ransomware Targets QNAP NAS Devices, Steals Data

https://open.spotify.com/show/3Gmj15x6cGrgJEzmGnDTTj

AgeLocker Ransomware Targets QNAP NAS Devices, Steals Data

QNAP NAS devices are being targeted in attacks by the AgeLocker ransomware, which encrypts the device’s data, and in some cases, steal files from the victim.

AgeLocker is ransomware that utilizes an encryption algorithm called Age (Actually Good Encryption) designed to replace GPG for encrypting files, backups, and streams.

In July 2020, we reported about a new ransomware called AgeLocker that was utilizing this algorithm to encrypt victims’ files.

When encrypting files, it would prepend a text header to the encrypted data that starts with the URL ‘age-encryption.org,’ as shown below.

AGE encrypted file
AGE encrypted file

AgeLocker now targets QNAP NAS devices

Since the end of August 2020, AgeLocker, or another ransomware utilizing the same encryption, has been targeting publicly exposed QNAP NAS devices and encrypting their files.

After a victim in the BleepingComputer forums uploaded an encrypted file to ID Ransomware, Michael Gillespie could determine that it was encrypted with the Age encryption.

Gillespie also confirmed that AgeLocker had picked up in activity towards the end of August as they continued to target QNAP devices worldwide.

ID Ransomware submissions
ID Ransomware submissions

When the ransomware encrypts files, it will leave behind a ransom note named HOW_TO_RESTORE_FILES.txt that tells the victim that their QNAP device was specifically targeted in the attack.

“Unfortunately a malware has infected your QNAP and a large number of your files has been encrypted using a hybrid encryption scheme.”

 

Also Read: The Importance Of Knowing Personal Data Protection Regulations

AgeLocker-QNAP Ransom Note
AgeLocker-QNAP Ransom Note

In one submission to ID-R, Michael Gillespie reports that the attackers state they first stole unencrypted files that contain “medical data, scans,  backups, etc.”

It is unknown how much they are demanding as a ransom or how the attackers are gaining access to the QNAP devices.

Unfortunately, there is no way to recover files encrypted by AgeLocker for free.

How to secure an encrypted QNAP NAS device

QNAP has previously been targeted by the eCh0raix Ransomware, which exploited vulnerabilities in the device to encrypt data.

At the time, QNAP provided the following steps to make sure you are running the latest firmware and vulnerabilities have been patched:

  1. Log on to QTS as administrator.
  2. Go to Control Panel > System > Firmware Update.
  3. Under Live Update, click Check for Update.QTS downloads and installs the latest available update.

Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device.

QNAP also suggests users update the Photo Station software with the following steps:

  1. Log on to QTS as administrator.
  2. Open the App Center, and then click magnifying glass.
    A search box appears.
  3. Type “Photo Station,” and then press ENTER.
    The Photo Station application appears in the search result list.
  4. Click Update.
    A confirmation message appears.
    Note: The Update button is not available if you are using the latest version.
  5. Click OK.
    The application is updated.

Finally, all QNAP owners should go through the following checklist to further secure their NAS and check for malware:

• Change all passwords for all accounts on the device
• Remove unknown user accounts from the device
• Make sure the device firmware is up-to-date, and all of the applications are also updated
• Remove unknown or unused applications from the device
• Install QNAP MalwareRemover application via the App Center functionality
• Set an access control list for the device (Control panel -> Security -> Security level)

Also Read: Basic Info On How Long To Keep Accounting Records In Singapore?

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us