Security Advisory for VPNFilter Malware

Summary

A malware called VPNFilter is known to steal information and allow attackers to remotely damage infected devices. The malware reportedly affects different devices, including some QNAP NAS models running QTS 4.2.6 build 20170628, 4.3.3 build 20170703, and earlier versions, or using the default password for the administrator account.

We have already noted this issue last year and have updated our malware signatures in Malware Remover 2.2.1 and later. Concerned users can scan their NAS with Malware Remover 2.2.1 or later versions.

Recommendation

To avoid possible exploits, users must:

1. Update QTS to the 4.2.6 build 20170729, 4.3.3 build 20170727 or later versions.
2. Install Malware Remover 2.2.1 or later versions, and then run a full scan.
3. Change the password if you are using the default password for the administrator account.

Installing the QTS Update

1. Log on to QTS as administrator.
2. Go to Control Panel > System > Firmware Update.
3. Under Live Update, click Check for Update.
   QTS downloads and installs the latest available update.

Installing and running the latest version of Malware Remover

1. Log on to QTS as administrator.
2. Open the App Center, and then click the Search icon.
   A search box appears.
3. Type “Malware Remover”, and then press ENTER.
   The Malware Remover application appears in the search results list.
4. Click Install.
   A confirmation message appears.
5. Click OK.
   The application is installed.
6. Open Maware Remover.
7. Click Start Scan.
   Malware Remover scans the NAS for malware.

Change the administrator account password

1. Log on to QTS as administrator.
2. On the task bar, click admin > Options.
   The Options window appears.
3. Click Change Password.
   The Change Password screen appears.
4. Enter your old password.
5. Specify a password that contains 6 to 64 ASCII characters.
6. Click Apply.
   QTS saves your new password.