oom_reaper Malware Discovered on QNAP NAS Devices

oom_reaper Malware Discovered on QNAP NAS Devices

Malware has gone a long way in the past decade. Before, most malware was focused on harvesting information, spying users, or damaging their files. And while many modern malware families still do this, there are also threats that work in a stealthier manner – such as the oom_reaper Malware. This new threat was discovered on multiple QNAP network-attached storage (NAS) devices. Instead of being noisy and causing major damage, the oom_reaper Malware works in the background to execute a cryptocurrency mining Trojan. This payload uses over 50% of the total CPU resources in order to mine for the Monero cryptocurrency.

Why is the oom_reaper Malware Dangerous?

Malware of this type might not steal data or invade your privacy. It will, however, ruin the performance of systems by consuming most of the available CPU resources. On top of this, it has the ability to reduce the lifespan of components since it forces them to operate at higher loads and temperatures. Typically, campaigns like the oom_reaper Malware one involve thousands of infected devices that, collectively, make tens of thousands of dollars in cryptocurrency for criminals.

So far, there is no data about the infection vector that oom_reaper Malware’s operators have used to penetrate the security of devices. It is likely that they were exploiting weak login credentials, but there is a chance that a zero-day vulnerability might be available. Thankfully, QNAP engineers are already on the case, and a fix for the malware attack is bound to be on the way. The oom_reaper Malware does not appear to have other functionality apart from the cryptocurrency mining module. Securing your network against such attack requires a combination of reputable antivirus software, experienced operators, and up-to-date software.

The post oom_reaper Malware Discovered on QNAP NAS Devices appeared first on Cyclonis.

This content was originally published here.

Laat een reactie achter

Het e-mailadres wordt niet gepubliceerd.