NAS vendor QNAP warns its customers about 'eCh0raix' ransomware

A ransomware attack is any PC enthusiast's worst nightmare – there's very little that's more terrifying than having all of your personal data locked behind an outrageous paywall. While vigilance, regular system back-ups, strong security software, and smart internet usage can mitigate (or outright block) the damage ransomware could cause, the risk is still there.

After the "WannaCry" scare that took place some time ago, the internet has been on high alert regarding any similar attacks. Unfortunately, earlier this month, yet another form of ransomware – dubbed "eCh0raix" – was revealed by Anomali, and its primary targets appear to be QNAP's network-attached storage device customers.

Shortly after eCh0raix was revealed, QNAP published a security advisory for its NAS customers, which warns them about the dangers this ransomware can pose, while also listing several "Recommendations" for as-of-yet unaffected users to follow to prevent infection.

These steps include updating QTS to the latest version, installing and updating Malware Remover, using a "Stronger" administrator password (it's unclear what they mean by this), enabling Network Access Protection, disabling SSH and Telnet, and avoiding the use of ports 443 and 8080. For anyone who has been hit by the eCh0raix ransomware, QNAP says it's "working on a solution" to remove the malware, and will release it at the "soonest possible time."

It's been roughly two weeks since the advisory was posted, and it doesn't appear to have been updated with any information regarding this solution, so it is likely still in development.