Newly Discovered Ransomware Sheds Light on the Threat

Corporate researchers recently uncovered a new type of ransomware which was attacking devices used for file storage and backup.  The researchers described the attack on the storage devices as “brute forcing weak credentials and exploiting known vulnerabilities in targeted attacks.”

Ransomware is malicious software, or malware, that denies victims access to their data or computer system until the victims pay a ransom.  It can be delivered via an infected website, or through phishing emails, and is an especially frustrating form of attack because it prevents victims from functioning electronically—at all.  Victims are offered an ultimatum: Either pay the ransom, or lose all your data.  This can be devastating to an individual, a small company, or even a local government.

Simple but deadly

The ransomware in question affected devices with media player and device storage functionality which were manufactured by the company QNAP, which has customers from all around the world and offices in over sixteen countries.   The attack was executed with simple source code of less than 400 lines.

Victims were shown a ransom note that informs them about their locked data and directs them to a Tor website where they can make the ransom payment in bitcoin.

Fortunately, this attack was identified and the vulnerabilities to it were patched before harm could be done, but its potential for damage was multinational in scope.

Related Article