Taiwanese vendor QNAP fixed a critical vulnerability, tracked as CVE-2021-28809, that could be exploited by attackers to compromise vulnerable NAS devices.
The vulnerability affects certain legacy versions of HBS 3 Hybrid Backup Sync, it was reported to the vendor by Ta-Lun Yen of TXOne IoT/ICS Security Research Labs.
“An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3 (Hybrid Backup Sync). If exploited, this vulnerability allows attackers to compromise the security of the operating system.” states the security advisory published by the company.
The vendor addressed the flaw in the following versions of HBS 3:
QNAP devices running QTS 4.5.x with HBS 3 v16.x are not affected.
In May, the Taiwanese vendor warned its customers of updating the HBS 3 disaster recovery app running on their Network Attached Storage (NAS) devices to prevent Qlocker ransomware infections.
At the end of April, experts warned of a new strain of ransomware named Qlocker that was infecting hundreds of QNAP NAS devices on daily bases.
The threat actors behind the attacks are exploiting an improper authorization vulnerability, tracked as CVE-2021-28799, that could allow them to log in to a NAS device
“A ransomware campaign targeting QNAP NAS began the week of April 19th, 2021. The ransomware known as Qlocker exploits CVE-2021-28799 to attack QNAP NAS running certain versions of HBS 3 (Hybrid Backup Sync).” reads the security advisory published by the vendor.
The attacks were first spotted on April 20, and the number of infections has skyrocketed into the hundreds per day, according to statistics provided by Michael Gillespie, the creator of ransomware identification service ID-Ransomware.
Early May, the Taiwanese vendor warned its customers of
Early this month, the Taiwanese vendor warned its customers of an ongoing wave of AgeLocker ransomware attacks on their NAS devices
(SecurityAffairs – hacking, QNAP)