The QSnatch malware has reportedly infected over 7,000 computers in Germany alone and has spread across Europe and the Americas.
That is according to an announcement made by the German Computer Emergency Response Team. The news about the ongoing attack comes about a week after the National Cyber Security Centre of Finland flagged the virus last week, ZDNet reports.
QSnatch is targeting network-attached storage devices from the Taiwanese vendor QNAP. While it is still unclear how it gains access to the devices, once infected, QSnatch digs into the firmware to gain reboot persistence.
Once there, it has the ability to modify OS timed jobs and scripts, prevent malware updates, prevents the device’s native malware remover from working and can extract both names and password for all the users hooked into the network-attached storage device.
There are also speculations that this is only the first step in a longer plan where this attack is only enabling the hackers from setting up a botnet.
Copyright © 2019 FinTech Global