eCh0raix Ransomware Found Targeting QNAP Network-Attached Storage Devices carding cc sites, carding dumps 2021

A newly uncovered ransomware family was found targeting QNAP network-attached storage (NAS) devices. Named eCh0raix (detected by Trend Micro as Ransom.Linux.ECHORAIX.A ) by security researchers at Anomali, the malware was reportedly designed for targeted ransomware attacks similar to how Ryuk or LockerGoga were used. 
NAS devices are network-connected computer appliances serving as file storage and backup systems, or central locations from which users can readily access data. They are a low-cost and scalable solution for many organizations, over 80% of which are estimated to use them. 
[READ: Narrowed Sights, Bigger Payoffs: Ransomware in 2019 ]
eCh0raix is written in Go/Golang, a programming language increasingly   abused to develop malware. eCh0raix performs language checks to determine an affected NAS device’s location, and terminates itself if it is in certain countries in the Commonwealth of Independent States (CIS) like Belarus, Ukraine, and Russia. eCh0raix encrypts documents and text files, PDFs, archives and databases, and multimedia files among others. 
The ransomware demands a ransom of 0.05 – 0.06 bitcoin (around US$567 as of July 11, 2019), paid via a site hosted in Tor, in exchange for the necessary decrypt key. BleepingComputer has reported  that the decryptors seem to be available for Windows and macOS. Affected QNAP NAS devices include QNAP TS-251, QNAP TS-451, QNAP TS-459 Pro II, and QNAP TS 253B. 
While the exact infection vector is still unclear as of this writing, forum posts in BleepingComputer noted that the infected NAS devices do not have the latest patches and protected by weak passwords. This indicates that eCh0raix’s operators could be brute-forcing or exploiting vulnerabilities in their targeted NAS devices. The researchers also noted that eCh0raix, unlike typical ransomware families, appears to be designed for targeted attacks. For instance, eCh0raix’s offline version is embedded with hardcoded encryption keys compiled for specific targets, and unique decryption keys are associated with each. 
[RELATED NEWS: MegaCortex ransomware spotted attacking enterprise networks ] 
eCh0raix is not the first ransomware family to target NAS devices, but is among the few, purpose-built, file-encrypting threats that have emerged this year. While 2019 has seen a decline in ransomware-related activities, they were overshadowed by incidents of targeted ransomware attacks. LockerGoga, for instance, cost Norsk Hydro an estimated US$40 million in financial losses, while Ryuk was used to hamper the operations of newspapers in the U.S. Ransomware also suspended several government services in Baltimore in an attack that reportedly cost the city $18.2 million.
Many threats take advantage of poorly secured systems. In eCh0raix’s case, they were weak credentials or vulnerabilities. Researchers at Anomali, for instance, noted that their internet scan resulted in more than 19,000 web-facing and publicly accessible QNAP NAS devices in the U.S. NAS devices aren’t usually safeguarded with anti-malware solutions, which makes them especially susceptible — and an easy target for cybercriminals. 
[Best Practices: Defending Against Ransomware ]
QNAP Systems, the manufacturer of the NAS devices targeted by eCh0raix, has published recommendations on ransomware mitigation, such as enabling QNAP’s snapshot feature, which can help in backing up and restoring files. To further reduce the NAS device’s attack surface, users and businesses are recommended to adopt best practices including:
Trend Micro XGen™ security  provides a cross-generational blend of threat defense techniques against a full range of threats for  data centers ,  cloud environments ,  networks , and  endpoints . It infuses high-fidelity  machine learning  with other detection technologies and global threat intelligence for comprehensive protection against advanced malware. Smart, optimized, and connected, XGen™ powers Trend Micro’s suite of security solutions: Hybrid Cloud Security, User Protection, and Network Defense.
Like it? Add this infographic to your site:1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
In the first half of this year, cybersecurity strongholds were surrounded by cybercriminals waiting to pounce at the sight of even the slightest crack in defenses to ravage valuable assets. View the report
The upheavals of 2020 challenged the limits of organizations and users, and provided openings for malicious actors. A robust cybersecurity posture can help equip enterprises and individuals amid a continuously changing threat landscape. View the 2020 Annual Cybersecurity Report
carding cc sites carding dumps 2021

Author: wpadmin