I installed a hardware based firewall on my LAN when I started to see the QNAP cryptos and lockers in the news. It wasn't long until TNAS was targeted as well. I keep my TOS machines completely locked from internet access except for occasional brief app updates.
My firewall usually blocks 1000 or more outbound flows from each TOS machine every 12 hours. Today, I temporarily opened the access to one of the TOS units for an update. Within 1 minute, TOS was attempting to connect to "members.3322.org". This domain has an untrusted web reputation with Cisco Talos.
Recommend adding a firewall rule to all of your TOS systems to prevent communication with this domain.
PS: this isn't the only untrusted site that TOS attempts to contact. I'll compile a list of others.
Firewall and Security Vulnerabilities in TOS
Re: Firewall and Security Vulnerabilities in TOS
Thank you for your report.
the members.3322.org is the default DNS request in TOS, we will report to the tech team, and ask them to recheck the security of these default DNS request services.
the members.3322.org is the default DNS request in TOS, we will report to the tech team, and ask them to recheck the security of these default DNS request services.
To contact our team, please send email to following addresses, remember to replace (at) with @:
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)