A hacker group that goes by ‘Cl0ud SecuritY’ is targeting Lenovo network-attached storage (NAS) devices, wiping them, and then demanding a ransom.
The group is targeting old LenovoEMC NAS devices. LenovoEMC was formally known as Iomega.
Ransom notes left in the devices are asking owners to pay between $200 and $275 to have their data returned.
Only LenovoEMC/Iomega NAS devices that are exposing their management interface on the internet without a password are being targeted.
ZDNet identified around 1,000 such unsecured devices currently vulnerable to this threat.
The ransom note placed into the devices is named “RECOVER YOUR FILES !!!!.txt.”
These notes are signed as ‘Cl0ud SecuritY’ and instruct the user to email firstname.lastname@example.org in order to pay the ransom.
While the Cl0ud SecuritY hackers claim they have copied the files of the victim onto their own server, there is no evidence that they have done more than just wiped the data from the NAS device they are attacking.
RHYNO Networks was designed to meet the needs of the IT marketplace. Specifically, to offer businesses skilled, timely IT services in order for them to focus on their business. We’re dedicated to the principles of Reliability, Innovation and Customer Service.