The company QNAP, which manufactures numerous network storage devices (NAS) has recently warned of a new ransomware that is attacking its users.
The investigations carried out initially indicate that the ransomware family that is attacking is Checkmate. The first traces of this ransomware appeared in May 2022, but it is now that it seems to be spreading widely.
The modus operandi is the usual in these cases, in which the attacker, after gaining access to the system, encrypts the files within a folder and leaves a text file with instructions to decrypt the documents. The attackers demand about 15.000 dólares por el rescate y también ofrecen un chat en Telegram para contactar con ellos y para demostrarle a las víctimas que el programa de descifrado funciona.
To date, QNAP ha avisado a los clientes y lres recomienda no exponer el servicio SMB a Internet y revisar todas las credenciales de acceso para comprobar que sean robustas.
Los atacantes aman atacar este tipo de dispositivos, sea cual sea la marca y aprovechando las credenciales débiles aplicadas por los usuarios.