QNAP confirmed that Qlocker ransomware has used the removed backdoor account to hack into some customers’ NAS devices and encrypt their files. The hard-coded credentials vulnerability tracked as CVE-2021-28799 was found by Taiwan-based ZUSO ART in HBS 3 Hybrid Backup Sync, the company’s disaster recovery and data backup solution. The company says that the security bug is already fixed in the following HBS versions and advises customers to update the software to the latest released version.
Source: https://www.bleepingcomputer.com/news/security/qnap-removes-backdoor-account-in-nas-backup-disaster-recovery-app/