Recently, the eCh0raix ransomware is active again, mainly using the combination of remote vulnerabilities in QNAP NAS server to spread, which poses a great threat to user's private data and property security, according to 360 Security.
The virus exploits a combination of remote vulnerabilities in QTS and Photo Station in earlier versions of QNAP NAS devices to successfully infect QNAP NAS devices with Photo Station turned on.
After the infection, it gains access to the NAS system and files, and encrypts important user data to complete further extortion.
Users who have set up a private cloud server through NAS devices still need to update and patch their systems in time to synchronize important data to the cloud for backup.
Recommendations to protect against eCh0raix ransomware:
1. Users should update their systems and software in a timely manner to repair existing vulnerabilities and avoid attacks on servers caused by system and software vulnerabilities.
2, do not use a weak password, it is recommended to open the password strength limit rules, while in the security options to open the firewall, which can effectively resist such password blasting attacks.
3, if the server does not need to provide services to the external network, it is recommended to set the server in the intranet, for daily services not used, such as ssh, telnet, you can choose to close in the settings to reduce the attack surface.