2 min read

QNAP warns of new DeadBolt ransomware attack locking up NAS devices

Graham CLULEY

June 17, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
QNAP warns of new DeadBolt ransomware attack locking up NAS devices

Owners of NAS drives manufactured by QNAP have been advised that the company is "thoroughly investigating" reports that a new variant of the DeadBolt ransomware is targeting devices, locking up data and demanding victims pay a fee to extortionists.

According to QNAP, the NAS devices that have been hit by the attack to date are running an outdated version (4.x) of its QTS operating system.

Details are limited, but it appears that a security vulnerability in older versions of the QNAP QTS operating system have allowed unauthorised parties to gain remote access to device's across the internet.

Having gained access, the malicious hackers are able to run their DeadBolt ransomware across victim's drives, encrypting their documents, photographs, spreadsheets, movies, and other data.

In an advisory published on its website, QNAP recommends that at-risk customers update QTS or QuTS hero to the latest version immediately.

However, the company says that if you are unfortunate enough to have already had your NAS drive compromised by the DeadBolt ransomware, to take a screenshot of the ransom note (including the Bitcoin wallet address to which you are being told to send the ransom) before you upgrade the device's firmware:

If your NAS has already been compromised, take the screenshot of the ransom note to keep the bitcoin address, then, upgrade to the latest firmware version and the built-in Malware Remover application will automatically quarantine the ransom note which hijacks the login page.

Updating QTS or QuTS hero can either be done via the NAS device's administrator interface, or via manually downloading the latest version from the official QNAP website.

This is not the first time that QNAP has warned its customers of ransomware attacks locking up their devices.  In January, for instance, QNAP first warned that the DeadBolt ransomware was exploiting security holes in order to display a ransom note at login.

The DeadBolt ransomware was then seen targeting owners of another range of NAS drives, Asustor.

NAS drive owners would be sensible to defend their devices behind a firewall – unless they feel confident that a security vulnerability that could grant access to cybercriminals is not lurking deep inside.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

New Chromebook Exploit Lets Users Unenroll Managed Devices New Chromebook Exploit Lets Users Unenroll Managed Devices
Vlad CONSTANTINESCU

February 02, 2023

1 min read
BBB Warns Social Security Beneficiaries of Cost of Living Adjustment Scams BBB Warns Social Security Beneficiaries of Cost of Living Adjustment Scams
Alina BÎZGĂ

February 01, 2023

2 min read
Planet Ice hacked! 240,000 skating fans' details stolen Planet Ice hacked! 240,000 skating fans' details stolen
Graham CLULEY

January 31, 2023

2 min read