Taiwanese storage producer QNAP has warned customers of a malware pressure that consumes massive quantities of CPU and reminiscence to mine cryptocurrency with out the proprietor’s consent. Reviews of the Dovecat malware infecting QNAP gadgets have been circulating for a number of months now however a brand new security advisory has solely simply been launched by the producer.
It appears that evidently QNAP’s network-attached storage (NAS) gadgets are liable to an infection if they’re protected by weak person passwords. The Dovecat malware is able to working on any Linux machine however seems to have been particularly designed to contaminate QNAP NAS gadgets.
Though malware could also be extra generally related to credential theft or disruption to important options, a brand new kind of bitcoin miner malware has elevated in recognition of late as the worth of cryptocurrencies has risen. In truth, sightings of crypto-mining malware rose by 53% within the fourth quarter of final yr.
In response to the Dovecat discovery, QNAP has supplied detailed recommendation for customers relating to one of the best ways of minimizing the chance of being contaminated. This consists of updating QTS to the newest model, putting in a firewall, avoiding default port numbers, and following NAS security best practices.
QNAP customers initially seen that one thing was not fairly proper with their NAS machine after they noticed two processes, Dovecat and dedpma, working always and consuming massive quantities of assets. The corporate issued a help publish again in November confirming that the 2 processes have been related to bitcoin mining malware.
The Dovecat an infection will not be the primary time that QNAP has been focused by a malware marketing campaign. Beforehand, the storage agency has needed to warn customers of the QSnatch malware and a number of ransomware makes an attempt.
By way of Bleeping Computer