"QNAP Issues Warning on New NAS-Targeting Checkmate Malware"

Customers of the network-attached storage (NAS) company QNAP were urged to safeguard their equipment from cyberattacks involving the data-encrypting Checkmate ransomware. Attacks are mostly focused on accounts with weak passwords that are easy targets for brute-force attacks and Internet-exposed QNAP devices with the SMB service turned on, according to QNAP. Checkmate is a newly discovered ransomware strain that first appeared in attacks around May 28. It encrypts files, appends the suffix a.checkmate, and leaves a ransom note with the name "!CHECKMATE_DECRYPTION_README." The Checkmate ransomware was used to encrypt data, and victims shared these files in a dedicated forum post despite the lack of reports on QNAP's own forums or online social networks. According to previous ransom notes, the attackers demand $15,000 in bitcoins from victims in exchange for a decryption key. The threat actors behind this effort use accounts compromised by dictionary attacks to remotely enter devices. This article continues to discuss the targeting of NAS devices by Checkmate ransomware. 

CyberIntelMag reports "QNAP Issues Warning on New NAS-Targeting Checkmate Malware"