Palo Alto Network Unit 42 researchers say a new variant of eCh0raix can target both QNAP and Synology NAS devices in a single campaign. The new variant exploits a critical bug, CVE-2021-28799 an improper authorization vulnerability that gives attackers access to hard-coded credentials so as to plant a backdoor account in the Hybrid Backup Sync (HBS 3) software. The first time researchers saw this dual-vendor variant was September 2020, they suggested: Maybe the attackers had separate code bases to target the vendors devices in separate campaigns before that.
Source: https://threatpost.com/ech0raix-ransomware-variant-qnap-synology-nas-devices/168516/