This summer, information security specialists a new AgeLocker ransomware, which uses the Age (Actually Good Encryption) encryption algorithm to encrypt the files of its victims. Now the Qnap Engineers have explained how to protect against AgeLocker.
When encrypting, the malware adds a text header to the encrypted data, which begins with the URL age-encryption[.]org.Earlier, with reference to Bleeping Computer, we wrote that since the end of August 2020, AgeLocker or another ransomware that uses the same encryption began to attack Qnap NAS devices accessible via the Internet and encrypt data on them.
Moreover, in a ransom note, AgeLocker operators state that before beginning an encryption, they stole user files that contain “medical data, scanned images, backups, and so on.”
Whereas it was previously unclear exactly how attackers gain access to devices, now Qnap engineers have published a security bulletin, where they talked more about AgeLocker.
According to experts, the ransomware compromises NAS through vulnerable versions of QTS, as well as through one of the pre-installed applications, namely PhotoStation.
The company said in a statement that all affected devices were running outdated versions of QTS and the application, meaning that attackers were not exploiting any zero-day bugs.
Since the malware distribution vector has finally been discovered, the developers now recommend that device owners update QTS and PhotoStation as soon as possible, and overall do not forget about the need to install updates and patches in a timely manner.
