On Thursday, Taiwanese hardware vendor QNAP in an advisory warned customers of a new malware strain named Dovecat.

The malware is targeting its line of network-attached storage (NAS) devices to manipulate local resources and mine cryptocurrency behind users’ backs.

QNAP said the malware is currently spreading by connecting to QNAP NAS systems left exposed online using weak passwords.

The security advisory comes after the company started receiving reports from its users last year about two unidentified processes —named dovecat and dedpma— that were running non-stop and consuming the device’s memory.

Matthew Ruffell, a Canonical software engineer and the founder of Dapper Linux, examined the malware last year when he found it on an Ubuntu system.

He said that the malware was able to infect any Linux system but seemed to have been explicitly designed for the internal structure of QNAP NAS devices.

But as Ruffell highlighted that Dovecat attacks were indiscriminate, adding that similar infections were also reported by users of Synology NAS devices.

 

Leave a Reply

Your email address will not be published. Required fields are marked *