• The bug manipulated entries in ‘hosts’ file present in QNAP NAS machines.
  • This would cause antivirus updates to redirect to IP address.

Recently, Taiwanese-based storage device maker QNAP was hit with a mysterious bug. This bug would stop antivirus updates from being installed on QNAP NAS devices. One of the users reported this issue on QNAP’s online forum. Apparently, the strange bug redirected all of his antivirus updates to and would abruptly halt the update process. It manipulated queries present in the ‘hosts’ file to initiate redirection.

A user by the name ianch99 highlighted this issue in the QNAP forum. “Since recent firmware updates, the ClamAV Antivirus fails to update due to 700+ clamav.net entries in /etc/hosts, all set to e.g. bugs.clamav.net current.cvd.clamav.net database.clamav.net db.local.clamav.net update.nai.com db.ac.clamav.net db.ac.ipv6.clamav.net db.ac.big.clamav.net


As they are all set to, the ClamAV update fails. If you remove these entries, the update runs fine but they return on after rebooting.” read the post by the user.

Following the incident, ianch99 contacted QNAP regarding the issue. The company responded by asking the user to set DNS to Google servers and perform a hard reset of the device. Despite this, ianch99 has said that the suggested changes didn't solve the issue for him. QNAP is yet to resolve this issue with an official patch.

Cyware Publisher