Expert Comments On QSnatch Malware Infecting QNAP NAS Devices

Trafficon, the Finnish Transport and Communciation agency & National Cybersecurity Center is reporting that new malware known as QSnatch is infecting Network Attached Storage devices.

 

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Bob Noel
Bob Noel , VP of Strategic Partnerships
InfoSec Expert
November 4, 2019 11:50 am

Although the mechanisms by which QNAP spreads are unclear at this time, the fact that it steals usernames and passwords for all NAS users is very concerning. Any organization that has fallen victim to this infection must proactively begin to look for credential misuse. Bad actors who have stolen valid credentials will use them to try an gain access to other resources. As a best practice, network traffic analysis (NTA) should be implemented within the organization. NTA can baseline normal credential use, then by applying security algorithms, can identify when bad actors are trying to move laterally and gain a foothold on other resources.

Last edited 3 years ago by Bob Noel
1
0
Would love your thoughts, please comment.x
()
x