The eCh0raix ransomware, known for attacking QNAP network-attached storage (NAS) devices, is back with a bang.
The ransomware was relatively active last summer, but was pushed aside for two reasons. First, the main version was reverse-engineered quickly and victims received decryption keys without paying the ransom. Second, the emergence of other ransomware operators attacking the same devices - namely Muhstik and QSnatch - served to draw attention away from eCh0raix.
However, the eCh0raix operators have now developed new versions of the malware, now being used to attack owners of NAS devices.
After ZDNet reported on new critical vulnerabilities affecting QNAP devices, victims began to reach out, explaining they had fallen foul of an unknown strain of ransomware. Further investigation found a new version of the eCh0raix ransomware was responsible.
To mitigate against the threat, owners of QNAP NAS devices are advised to update their firmware and software immediately, including all apps and add-ons. Given the operators are known for using brute-force attacks to access devices and spread malware, QNAP device owners are also advised to use complex passwords to protect their systems.