QNAP Ech0raix ransomware

QNAP ech0raix ransomware has been reported rampant since 19th December 2021. If you are QNAP user, you would be screaming for help or looking for alternative solution. We understand how users felt. Looking just few months back, we have an article about QNAP QLocker Ransomware, and now ech0raix ransomware. Its like mere few months ago.

Users have lodge reports about the ransomware attack a few days before Christmas. At this moment, it is still unclear the damage it has caused. But as we know, the attack exploited a flaw in the Photo Station software causing document to be locked for ransomware. 

The ransomware, tracked by Intezer as “QNAPCrypt” and “eCh0raix” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. The malicious code appends .encrypt extension to filenames of encrypted files.

Attackers created a user in the administrator group, then using it to encrypt contents of the NAS. Look for the file with extension .txtt to read about the ransom attack demands. ech0raix ransomware operators demand a ransom raising from .024 (USD1,200) up to .06 bitcoins (USD3,000). 

As usual, we will not advice users to pay for it as not only it does not guarantee your content being release, you can be sure they will be back for more.

If you have not been hit by this, here are some actions to be taken:

  1. Backup your files to secondary location or device and detached from main device
  2. Update your device firmware and patch any security flaws
  3. If possible do not allow remote access for now till there is a patch for this flaw
  4. If remote access is required, deploy VPN to secure your connection

Having a QNAP NAS is not a mistake, as all NAS and software applications has its flaws and bugs. NAS is meant for small businesses and end users for sharing of files and documents. With simple usage, and IT savvy personnel, SMEs can still be using NAS. However, if you do not have in-house IT savvy person, do engage professionals to assist and advice for on-going IT issues.

Advanced Micro Control Pte Ltd has been IT infrastructure service provider, and is a reliable IT partner you can rely on. Do feel free to contact us for any assistance or advisory. We would be glad to render our expertise to help you with your IT needs. 

Leave a Reply

Your email address will not be published. Required fields are marked *


Carpark: 10 minutes grace period with ample parking lots

Public Transport: SBS Bus service no. 58 (from Tai Seng MRT Station)

SMRT Circle Line: Tai Seng or Macpherson Station
SMRT Dowtown Line: Ubi or Macpherson Station

Copyright 2022 © ADVANCED MICRO CONTROL PTE LTD. All rights reserved. CRAFTED by SIMPLIIFY.CO.

Shopping Cart0


× WhatsApp now!