Deadbolt Ransomware Exploits QNAP Vulnerability Patched in December
QNAP, a major manufacturer of network-attached storage (NAS), is warning of cyberattacks against customers and is urging them to enable firmware auto-updating on their devices.
The newly discovered attack aims at a vulnerability, patched in December, that lets threat actors perform remote arbitrary code execution on impacted devices.
On Jan. 27, the manufacturer flagged the patched versions of the firmware as “Recommended Version.” QNAP NAS device owners could reportedly fend off these attacks by upgrading to these patched OS versions, which could be easily done by enabling the auto-update feature.
However, simply enabling the feature might not be enough to keep this threat at bay; users must also set the self-updating tool to acquire and apply recommended versions instead of the latest ones.
As shown in a QNAP advisory, recommended OS versions target customers who seek only major updates and are not interested in cutting-edge features. Starting with QTS 4.5.3, the auto-update feature is enabled by default and pointed at recommended versions of the QNAP operating system.
On the downside, automatic updates can sometimes interfere with NAS services, which could lead to customers not wanting to enable the feature to begin with. In the advisory, the manufacturer gives brief instructions on how to disable automatic updates but stresses that users should still check for updates regularly, and “arrange the update schedule accordingly, to enhance the security of QTS / QuTS hero.”
Although QNAP didn’t name the perpetrators behind this new threat, the warning comes shortly after a wave of cyberattacks hit numerous vulnerable QNAP devices with Deadbolt ransomware.
After the Deadbolt attack encrypted the data of several customers, QNAP reportedly forced emergency updates to block perpetrators from exploiting the QSA-21-57 vulnerability. However, one QNAP forum user said its data was encrypted despite having the patched firmware version installed, which could mean that attackers leverage a different vulnerability.
QNAP recently issued a security alert urging customers to be cautious due to the new wave of attacks against its popular NAS devices and giving tips to secure them against ransomware.
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022