1 min read

Deadbolt Ransomware Exploits QNAP Vulnerability Patched in December

Vlad CONSTANTINESCU

February 01, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Deadbolt Ransomware Exploits QNAP Vulnerability Patched in December

QNAP, a major manufacturer of network-attached storage (NAS), is warning of cyberattacks against customers and is urging them to enable firmware auto-updating on their devices.

The newly discovered attack aims at a vulnerability, patched in December, that lets threat actors perform remote arbitrary code execution on impacted devices.

On Jan. 27, the manufacturer flagged the patched versions of the firmware as “Recommended Version.” QNAP NAS device owners could reportedly fend off these attacks by upgrading to these patched OS versions, which could be easily done by enabling the auto-update feature.

However, simply enabling the feature might not be enough to keep this threat at bay; users must also set the self-updating tool to acquire and apply recommended versions instead of the latest ones.

As shown in a QNAP advisory, recommended OS versions target customers who seek only major updates and are not interested in cutting-edge features. Starting with QTS 4.5.3, the auto-update feature is enabled by default and pointed at recommended versions of the QNAP operating system.

On the downside, automatic updates can sometimes interfere with NAS services, which could lead to customers not wanting to enable the feature to begin with. In the advisory, the manufacturer gives brief instructions on how to disable automatic updates but stresses that users should still check for updates regularly, and “arrange the update schedule accordingly, to enhance the security of QTS / QuTS hero.”

Although QNAP didn’t name the perpetrators behind this new threat, the warning comes shortly after a wave of cyberattacks hit numerous vulnerable QNAP devices with Deadbolt ransomware.

After the Deadbolt attack encrypted the data of several customers, QNAP reportedly forced emergency updates to block perpetrators from exploiting the QSA-21-57 vulnerability. However, one QNAP forum user said its data was encrypted despite having the patched firmware version installed, which could mean that attackers leverage a different vulnerability.

QNAP recently issued a security alert urging customers to be cautious due to the new wave of attacks against its popular NAS devices and giving tips to secure them against ransomware.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info
Alina BÎZGĂ

December 02, 2022

2 min read
Hackers Breach New Zealand Health Insurer Accuro Hackers Breach New Zealand Health Insurer Accuro
Filip TRUȚĂ

December 02, 2022

2 min read
Flaw allowed man to access private information of other Brinks Home Security customers Flaw allowed man to access private information of other Brinks Home Security customers
Graham CLULEY

November 30, 2022

2 min read