BleepingComputer reports that QNAP has worked with Digital Ocean to dismantle a command-and-control server leveraged to facilitate far-reaching brute-force attacks aimed at vulnerable QNAP network-attached storage devices just two days after identifying the intrusions on Oct. 14.
Additional attacks against internet-exposed QNAP NAS devices with poor passwords have been averted after hundreds of zombie network IPs passing through QuFirewall were blocked within a seven-hour period, while the C&C network was promptly blocked after being identified within 48 hours, said QNAP, which called on organizations to further secure their devices by replacing the default access port number, removing port forwarding, and adopting password policies, among others.
"This attack occurred over the weekend, and QNAP promptly identified it through cloud technology, quickly pinpointing the source of the attack and blocking it. This not only assisted QNAP NAS users in avoiding harm but also protected other storage users from being affected by this wave of attacks," said QNAP Product Security Incident Response Team Head Stanley Huang.