Owners of popular QNAP Systems network attached storage (NAS) devices are being warned that a malicious cryptocurrency campaign is actively exploiting two unpatched critical firmware bugs. QNAP fixed the flaws in October 2020; however, researchers at Qihoo 360’s Network Security Research Lab report a widening campaign targeting over 100 unpatched firmware versions used by 4.3 million of the company’s NAS devices.
Read full article on Threat Post