Urgent Notification about TNAS being Attacked by Ransomware
Re: Urgent Notification about TNAS being Attacked by Ransomware
I'am Sadly also hit by it..
I'm sooo angry i asked so often for the firewall rules to reject all external traffic and no one helped me.
Damnit...
i have no words currently
I'm sooo angry i asked so often for the firewall rules to reject all external traffic and no one helped me.
Damnit...
i have no words currently
Re: Urgent Notification about TNAS being Attacked by Ransomware
deex wrote:
> I'am Sadly also hit by it..
>
> I'm sooo angry i asked so often for the firewall rules to reject all
> external traffic and no one helped me.
> Damnit...
>
> i have no words currently
Sorry to hear this, but people did try to respond to you, including myself.
I guess you just did not understand the responses, and this is not really the forum to provide a tutorial on networking.
Out of the box, neither your router or the TNAS would have allowed internet access to the TNAS Admin screens.
Despite that, I have specifically excluded access to the TNAS Admin console in the firewall rules of my router. This means nothing can access the TNAS on port 8181 from outside my router (the Internet).
> I'am Sadly also hit by it..
>
> I'm sooo angry i asked so often for the firewall rules to reject all
> external traffic and no one helped me.
> Damnit...
>
> i have no words currently
Sorry to hear this, but people did try to respond to you, including myself.
I guess you just did not understand the responses, and this is not really the forum to provide a tutorial on networking.
Out of the box, neither your router or the TNAS would have allowed internet access to the TNAS Admin screens.
Despite that, I have specifically excluded access to the TNAS Admin console in the firewall rules of my router. This means nothing can access the TNAS on port 8181 from outside my router (the Internet).
Re: Urgent Notification about TNAS being Attacked by Ransomware
C'mon TerraMaster, a solution is required. This issue has been ongoing since the 22nd I believe, 6 DAYS!
Let's get this fixed!
Let's get this fixed!
- Charlie_Croker
- Posts: 108
- Joined: 07 Oct 2020, 19:05

Re: Urgent Notification about TNAS being Attacked by Ransomware
jani7 wrote:
> C'mon TerraMaster, a solution is required. This issue has been ongoing
> since the 22nd I believe, 6 DAYS!
> Let's get this fixed!
Its been going on for over a month, it hit QNAP first, then Asustor so TM should have been aware and checked to see if their OS was vulnerable. Seems they didnt do that.
https://www.zdnet.com/article/qnap-warn ... to-update/
> C'mon TerraMaster, a solution is required. This issue has been ongoing
> since the 22nd I believe, 6 DAYS!
> Let's get this fixed!
Its been going on for over a month, it hit QNAP first, then Asustor so TM should have been aware and checked to see if their OS was vulnerable. Seems they didnt do that.
https://www.zdnet.com/article/qnap-warn ... to-update/
- Charlie_Croker
- Posts: 108
- Joined: 07 Oct 2020, 19:05

Re: Urgent Notification about TNAS being Attacked by Ransomware
deex wrote:
> I'am Sadly also hit by it..
>
> I'm sooo angry i asked so often for the firewall rules to reject all
> external traffic and no one helped me.
> Damnit...
>
> i have no words currently
I'm sorry you got hit, did you change the default ports as advised on page 1 of this thread?
To understand firewall rules it would be best to search on google, for example this explains it quite well https://www.youtube.com/watch?v=G3BJo4B1GgU
Also your profile shows you have only posted twice? I'm confused how this equates to "Asked so often"?
> I'am Sadly also hit by it..
>
> I'm sooo angry i asked so often for the firewall rules to reject all
> external traffic and no one helped me.
> Damnit...
>
> i have no words currently
I'm sorry you got hit, did you change the default ports as advised on page 1 of this thread?
To understand firewall rules it would be best to search on google, for example this explains it quite well https://www.youtube.com/watch?v=G3BJo4B1GgU
Also your profile shows you have only posted twice? I'm confused how this equates to "Asked so often"?
Re: Urgent Notification about TNAS being Attacked by Ransomware
Charlie_Croker wrote:
> jani7 wrote:
> > C'mon TerraMaster, a solution is required. This issue has been ongoing
> > since the 22nd I believe, 6 DAYS!
> > Let's get this fixed!
>
>
> Its been going on for over a month, it hit QNAP first, then Asustor so TM should have
> been aware and checked to see if their OS was vulnerable. Seems they didnt do that.
>
>
> https://www.zdnet.com/article/qnap-warn ... to-update/
This makes me even angrier! What kind of company is TM!
> jani7 wrote:
> > C'mon TerraMaster, a solution is required. This issue has been ongoing
> > since the 22nd I believe, 6 DAYS!
> > Let's get this fixed!
>
>
> Its been going on for over a month, it hit QNAP first, then Asustor so TM should have
> been aware and checked to see if their OS was vulnerable. Seems they didnt do that.
>
>
> https://www.zdnet.com/article/qnap-warn ... to-update/
This makes me even angrier! What kind of company is TM!
Re: Urgent Notification about TNAS being Attacked by Ransomware
Just got hit as well. Not happy.
I thought I'd disabled everything except local network access.
I thought I'd disabled everything except local network access.
- Charlie_Croker
- Posts: 108
- Joined: 07 Oct 2020, 19:05

Re: Urgent Notification about TNAS being Attacked by Ransomware
RobJVM wrote:
>
Did you change default ports?
>
Did you change default ports?
Re: Urgent Notification about TNAS being Attacked by Ransomware
Charlie_Croker wrote:
> RobJVM wrote:
> >
> Did you change default ports?
Long ago.
> RobJVM wrote:
> >
> Did you change default ports?
Long ago.
- Charlie_Croker
- Posts: 108
- Joined: 07 Oct 2020, 19:05

Re: Urgent Notification about TNAS being Attacked by Ransomware
RobJVM wrote:
>
Then the attack vector is unusual, any unusual port scans detected by your IPS/IDS?
What services/apps do you have installed on NAS and do you use?
Any port forwards to your NAS in your firewall?
Basically, how did they know your NAS even existed? Port scans almost always hit the default ports (rather than all 65,535 on every router on the net).
>
Then the attack vector is unusual, any unusual port scans detected by your IPS/IDS?
What services/apps do you have installed on NAS and do you use?
Any port forwards to your NAS in your firewall?
Basically, how did they know your NAS even existed? Port scans almost always hit the default ports (rather than all 65,535 on every router on the net).
