QNAP tells NAS users to update firmware to avoid new type of ransomware

News
By published

AgeLocker ransomware is infecting QNAP NAS devices with outdated firmware and software

(Image credit: QNAP)

The Taiwanese hardware maker QNAP is urging users of its network-attached storage (NAS) devices to update their firmware and apps to avoid falling victim to a new strain of ransomware.

The ransomware, named AgeLocker, first began infecting NAS devices beginning in June of this year. AgeLocker gets its name from the fact that it uses the Actually Good Encryption (AGE) algorithm to encrypt files on a victim's NAS device.

Unfortunately for those whose devices have been infected with AgeLocker, the AGE encryption algorithm is considered cryptographically secure and because of this, techniques such as brute-forcing the encryption key or identifying weakness in the encryption scheme just won't work.

This means that users will have to pay the ransom demanded by AgeLocker's operators if they wish to regain access to their files, hence the reason why QNAP is strongly urging users to upgrade the firmware and software of their NAS devices to avoid falling victim to it in the first place.

AgeLocker ransomware

QNAP revealed in a recent security advisory that its QTS firmware and PhotoStation, one of the default apps that comes preinstalled with its devices, are two of the ways in which AgeLocker is able to gain access to user's NAS devices. The company provided further insight on its ongoing investigation into AgeLocker, saying:

“Current intelligence pointed out that AgeLocker-affected systems are mostly macOS and Linux devices, and QNAP's initial investigation showed that no unpatched vulnerabilities are found in QTS. All known affected NAS are running older, unpatched QTS versions. QNAP is carrying out a thorough investigation by working with other information security entities to ensure the security of all QNAP products.”

In order to prevent falling victim to AgeLocker, QNAP NAS device owners should update the firmware of their devices as well as any preinstalled software such as the company's PhotoStation app.

QNAP provided the same recommendation to users back in June when its devices were targeted by the eCh0raix ransomware.

Via ZDNet

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Latest in News
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
A fresh Samsung Galaxy S25 Edge leak hints at a 2K display and a titanium frame
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited
More about security
An abstract image of digital security.

Fake file converters are stealing info, pushing ransomware, FBI warns
Microsoft

"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
iFi iDSD Valkyrie in gold, on a beige desk

iFi's iDSD Valkyrie DAC wants to guide your music to the great hall of Valhalla

See more latest
Most Popular
iFi iDSD Valkyrie in gold, on a beige desk
iFi's iDSD Valkyrie DAC wants to guide your music to the great hall of Valhalla
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
A fresh Samsung Galaxy S25 Edge leak hints at a 2K display and a titanium frame
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
SDUNITED AX835-025FF mini PC
This mini PC with the incredible Strix Halo APU is yet another sign AMD may have given up on big brands for bleeding edge tech
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited
Dell Pro Max with GB300
HP and Dell's latest Nvidia powered PCs are likely to be some of the most expensive workstations ever launched
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background
A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns