QNAP NAS systems (opens in a new tab) have been hit by a number of ransomware attacks, and Checkmate is the latest to be accused of targeting network-attached storage (NAS) endpoints.
Checkmate, a ransomware strain first discovered towards the end of May 2022, has been identified as a target for internet-connected NAS discs.
The SMB service must be enabled on the devices, and the accounts must be secured using passwords that can be broken using brute force.
The equivalent of $20,000 in Bitcoin
QNAP’s security alert warns about “a new ransomware known as Checkmate,” which has just been brought to their knowledge. An initial examination suggests that Checkmate uses a dictionary attack to crack accounts with weak passwords, and that it exploits SMB services accessible to the internet.
Ransomware strains such as Checkmate are similar to one other in many ways. As soon as an internet-connected device is discovered, the attackers will attempt to log in using compromised accounts via dictionary assaults. Checkmate is then activated, which encrypts all files on the target device and network, as well as putting the.checkmate extension on them. The ransom letter, titled!CHECKMATE DECRYPTION README, is then delivered.
However, several users have taken to QNAP’s forum to alert their peers of the risk, despite their being no official notifications from QNAP or its social media accounts.
The threat actor allegedly wants $15,000 in bitcoin in return for the decryption key, although that amount has not been confirmed.
Not exposing devices to the internet is the greatest protection against Checkmate and other ransomware variants at this time. To further minimise the attack surface, QNAP recommends connecting to a VPN.
User accounts should be reviewed to ensure that passwords are secure against brute-force attacks, and data should be backed up often. Installing an antivirus programme as well as a firewall might be beneficial.
Lastly, make certain that your QNAP’s firmware is up to date by downloading and installing the latest version.
“We are actively researching the situation and will offer more information as soon as feasible,” QNAP said.
Subtly charming pop culture geek. Amateur analyst. Freelance tv buff. Coffee lover