QNAP Alerts for eCh0raix ransomware attacks, Roon Server zero-day

QNAP warns users regarding an actively exploited Roon Server zero-day bug and eCh0raix ransomware attacks targeting their Network Attached Storage devices.

Reportedly, this warning comes after 2 weeks when QNAP users were alerted about an ongoing AgeLocker ransomware outbreal.

NAS, a Taiwanese applicance maker told that it has received reports of devices affected by eCh0raix ransomware in an advisory published recently.

As per what the company said, “The eCh0raix ransomware has been reported to affect QNAP NAS devices.” Also, it added that, “Devices using weak passwords may be susceptible to attack.”

So, in the published advisory, it included detailed instructions regarding changing NAS password, enabling IP Access protection, and changing system port number.

Roon Server zero-day, An Active Exploit

In addition, the QNAP also alerted about an exploited zero-day vulnerability affecting Roon Labs’ Roon Server 2021-02-01, and earlier versions.

So, the company highly suggests to disable the Roon Server music server and not exposing the NAS on the Internet to prevent it against these active attacks, until the Roon Labs offers a security update.

To do so, users can get through following instructions:

  1. Log on to QTS as administrator.
  2. Launch the App Center and click. A search box will appear.
  3. Type ‘Roon Server’ and hit the Enter key, Roon Server will appear in Search Results.
  4. Click the arrow icon below the Roon Server icon.
  5. Finally, click on the Stop, and the app will be disabled.