We’re aware of a 0day exploit that infects exposed QNAP devices with ransomware. You can find more information here.
At this stage, QNAP have not provided further information about the exploit and no known patches have been released. We recommend you check if your QNAP device is exposed to the internet and remove the device if it is exposed – click here for more information on this.
We’ll continue to monitor this campaign and contact you directly if we see anything suspicious.