{"id":472783,"date":"2022-07-08T17:42:30","date_gmt":"2022-07-08T14:42:30","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/this-new-checkmate-ransomware-targets-nas-devices-review-geek\/"},"modified":"2022-07-08T17:42:30","modified_gmt":"2022-07-08T14:42:30","slug":"this-new-checkmate-ransomware-targets-nas-devices-review-geek","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/this-new-checkmate-ransomware-targets-nas-devices-review-geek\/","title":{"rendered":"#This New Checkmate Ransomware Targets NAS Devices \u2013 Review Geek"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a368dad7b9b9\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a368dad7b9b9\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/this-new-checkmate-ransomware-targets-nas-devices-review-geek\/#%E2%80%9CThis_New_Checkmate_Ransomware_Targets_NAS_Devices_%E2%80%93_Review_Geek%E2%80%9D\" >&#8220;This New Checkmate Ransomware Targets NAS Devices \u2013 Review Geek&#8221;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CThis_New_Checkmate_Ransomware_Targets_NAS_Devices_%E2%80%93_Review_Geek%E2%80%9D\"><\/span>&#8220;This New Checkmate Ransomware Targets NAS Devices \u2013 Review Geek&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div id=\"article-content-area\">\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage size-full wp-image-122608\" data-pagespeed-no-defer=\"\" src=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2022\/07\/d642f8c3.png?width=1200\" alt=\"The QNAP TS-133 NAS device.\" width=\"1920\" height=\"1080\"\/><figcaption class=\"wp-caption-text\"><span class=\"type:primaryImage imagecredit\">QNAP<\/span><\/figcaption><\/figure>\n<p>In its latest\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.qnap.com\/en\/security-advisory\/QSA-22-21\">security advisory<\/a>, QNAP warns that hackers are targeting NAS devices with a new Checkmate ransomware. Everyone who exposes their NAS device through SMB services (remote access) need to take extra security steps and create a backup system for their NAS.<\/p>\n<p>As explained by QNAP, the Checkmate ransomware first <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>eared in mid-2022 and relies on brute-force \u201cdictionary attacks\u201d to crack NAS devices with weak passwords. It then encrypts a victim\u2019s files, giving them a\u00a0.checkmate extension, and drops a ransom note titled\u00a0!CHECKMATE_DECRYPTION_README.<\/p>\n<p>Based on information shared to the\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/forums\/t\/773059\/checkmate-ransomware-checkmate-support-topic\/\"><em>BleepingComputer<\/em> forums<\/a>, the Checkmate ransomware forces victims to pay $15,000 for a decrypter key. Victims claim that all files on their NAS devices are encrypted by Checkmate, including files in \u201cprivate\u201d folders. (For what it\u2019s worth, QNAP says that only \u201cpublic\u201d folders are affected.)<\/p>\n<p>Checkmate is just the latest ransomware to target NAS devices, which tend to rely on old or incomplete security protocols. Customers are often unaware of these vulnerabilities and enable remote access on their NAS device without taking extra steps for security or <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.howtogeek.com\/346907\/backups-vs.-redundancy-what's-the-difference\/\">data redundancy<\/a>.<\/p>\n<p>So, the solution to avoiding this ransomware is nothing new; disable remote access until you can properly secure your data. Start by finding a way to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.howtogeek.com\/346907\/backups-vs.-redundancy-what's-the-difference\/\">make backups of your NAS device<\/a>\u2014even with the best security, your NAS is somewhat vulnerable to malware and the forces of nature. I suggest using software like Snapshot or manually copying important NAS data to an <em>external<\/em> drive.<\/p>\n<p>Once you have a system in place to back up your NAS device\u2019s storage, you can start worrying about how to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.howtogeek.com\/435452\/how-to-secure-your-synology-nas-from-ransomware\/\">securely utilize its remote access feature<\/a>. Your best course of action is to implement a strong password and turn on your NAS device\u2019 VPN and firewall, which will let you (and trusted family or friends) access its contents remotely through a secure tunnel. (You should also disable SMB 1 and only use SMB 2 or higher.)<\/p>\n<p>Bear in mind that all internet-facing NAS devices are somewhat vulnerable to hacking attempts or malware. That\u2019s just the nature of exposing a device to the internet, especially when that device is purpose-built for data hoarding and important file backups.<\/p>\n<p><small>Source: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.qnap.com\/en\/security-advisory\/QSA-22-21\">QNAP<\/a> via <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/qnap-warns-of-new-checkmate-ransomware-targeting-nas-devices\/\">BleepingComputer<\/a><\/small>\n<\/div>\n<p><script>\nsetTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s)}(window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n  fbq('init', '1137093656460433');\n  fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.reviewgeek.com\/122606\/this-new-checkmate-ransomware-targets-nas-devices\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;This New Checkmate Ransomware Targets NAS Devices \u2013 Review Geek&#8221; QNAP In its latest\u00a0security advisory, QNAP warns that hackers are targeting NAS devices with a new Checkmate ransomware. Everyone who exposes their NAS device through SMB services (remote access) need to take extra security steps and create a backup system for their NAS. As explained&#8230;<\/p>\n","protected":false},"author":1,"featured_media":472784,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.reviewgeek.com\/p\/uploads\/2022\/07\/d642f8c3.png","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-472783","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/472783","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=472783"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/472783\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/472784"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=472783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=472783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=472783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}