QNAP NAS MALWARE SCAM - Take Action

Qlocker and eCh0raix are targeting QNAP NAS and encrypting users data for ransom.


QNAP strongly urges users take immediate action.


  • DO NOT shut down the NAS

  • Install the latest Malware Remover version and run a malware scan on QNAP NAS

  • Update the latest available version of The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps


QNAP has released an updated version of Malware Remover for operating systems such as QTS and QuTS hero to address the ransomware attack. If user data is encrypted or being encrypted, the NAS must not be shut down. Users should run a malware scan with the latest Malware Remover version immediately, and then contact QNAP Technical Support.


QNAP is urgently working on a solution to remove malware from infected devices.


If you are a QNAP NAS user but have been unaffected by the recent Qlocker and eCh0raix malware attack, QNAP recommends the following actions:

  • Install the latest Malware Remover version and run a malware scan as a precautionary measure

  • Update passwords to stronger ones

  • Update Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest available version

  • Modify the default network port 8080 for accessing the NAS operating interface. Steps to perform the operation can be found in the information security best practice offered by QNAP

  • The data stored on NAS should be backed up or backed up again utilizing the 3-2-1 backup rule, to further ensure data integrity and security


Info from QNAP security news. For details, please refer to the QNAP security advisory QSA-21-11 and QSA-21-13.


If you are worried about any aspects of your IT security, call the team at Conformedia for help and advice.

Tel: 0113 234 1548


Featured Posts
Recent Posts