Lenovo NAS devices face hacker ransom scheme

A hacker group that goes by ‘Cl0ud SecuritY’ is targeting Lenovo network-attached storage (NAS) devices, wiping them, and then demanding a ransom.

The group is targeting old LenovoEMC NAS devices. LenovoEMC was formally known as Iomega.

Ransom notes left in the devices are asking owners to pay between $200 and $275 to have their data returned.

Only LenovoEMC/Iomega NAS devices that are exposing their management interface on the internet without a password are being targeted.

ZDNet identified around 1,000 such unsecured devices currently vulnerable to this threat.

The ransom note placed into the devices is named “RECOVER YOUR FILES !!!!.txt.”

These notes are signed as ‘Cl0ud SecuritY’ and instruct the user to email [email protected] in order to pay the ransom.

While the Cl0ud SecuritY hackers claim they have copied the files of the victim onto their own server, there is no evidence that they have done more than just wiped the data from the NAS device they are attacking.

These extortion attempts are avoidable by properly securing these devices. Information on how to do so is available on the Lenovo support page found here: https://support.lenovo.com/us/en/solutions/LEN_11575

As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648

Published On: July 12, 2020Categories: Backup & Disaster Recovery, Hardware, Network, Privacy, Security

Related Posts

How AI Threatens Cybersecurity in 2024

How AI Threatens Cybersecurity in 2024

March 26, 2024
5 Best Practices For Small Business Network Security

5 Best Practices For Small Business Network Security

February 20, 2024|0 Comments
Security of Cloud Storage: Is My Data Safe in the Cloud?

Security of Cloud Storage: Is My Data Safe in the Cloud?

November 14, 2023|0 Comments
Critical Outlook Vulnerability and Emergency Update

Critical Outlook Vulnerability and Emergency Update

March 23, 2023|0 Comments