Qnap Engineers Explained How to Protect Against AgeLocker

Qnap explained how to protect against AgeLocker
Written by Emma Davis

This summer, information security specialists a new AgeLocker ransomware, which uses the Age (Actually Good Encryption) encryption algorithm to encrypt the files of its victims. Now the Qnap Engineers have explained how to protect against AgeLocker.

When encrypting, the malware adds a text header to the encrypted data, which begins with the URL age-encryption[.]org.

Earlier, with reference to Bleeping Computer, we wrote that since the end of August 2020, AgeLocker or another ransomware that uses the same encryption began to attack Qnap NAS devices accessible via the Internet and encrypt data on them.

When the ransomware encrypts files, it will leave behind a ransom note named HOW_TO_RESTORE_FILES.txt that tells the victim that their QNAP device was specifically targeted in the attacktold journalists of Bleeping Computer.

Moreover, in a ransom note, AgeLocker operators state that before beginning an encryption, they stole user files that contain “medical data, scanned images, backups, and so on.”

Whereas it was previously unclear exactly how attackers gain access to devices, now Qnap engineers have published a security bulletin, where they talked more about AgeLocker.

According to experts, the ransomware compromises NAS through vulnerable versions of QTS, as well as through one of the pre-installed applications, namely PhotoStation.

The company said in a statement that all affected devices were running outdated versions of QTS and the application, meaning that attackers were not exploiting any zero-day bugs.

Current intelligence pointed out that AgeLocker-affected systems are mostly macOS and Linux devices, and QNAP’s initial investigation showed that no unpatched vulnerabilities are found in QTS. All known affected NAS are running older, unpatched QTS versions. QNAP is carrying out a thorough investigation by working with other information security entities to ensure the security of all QNAP products said Qnap in a statement.

Since the malware distribution vector has finally been discovered, the developers now recommend that device owners update QTS and PhotoStation as soon as possible, and overall do not forget about the need to install updates and patches in a timely manner.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply