QNAP NAS devices are getting infected with a malware dubbed QSnatch that injects malicious code into their firmware and proceeds to steal credentials and load malicious code retrieved from its command and control (C2) servers. Germany’s Computer Emergency Response Team says roughly 7,000 NAS devices in Germany are currently affected by the malware. The malware strain was spotted by researchers at the National Cyber Security Centre of Finland (NCSC-FI) after receiving reports from the Autoreporter service of infected devices trying to communicate to C2 servers.
Source: https://www.bleepingcomputer.com/news/security/qsnatch-malware-infects-thousands-of-nas-devices-steals-credentials/