2 min read

QNAP warns of new DeadBolt ransomware attack locking up NAS devices

Graham CLULEY

June 17, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
QNAP warns of new DeadBolt ransomware attack locking up NAS devices

Owners of NAS drives manufactured by QNAP have been advised that the company is "thoroughly investigating" reports that a new variant of the DeadBolt ransomware is targeting devices, locking up data and demanding victims pay a fee to extortionists.

According to QNAP, the NAS devices that have been hit by the attack to date are running an outdated version (4.x) of its QTS operating system.

Details are limited, but it appears that a security vulnerability in older versions of the QNAP QTS operating system have allowed unauthorised parties to gain remote access to device's across the internet.

Having gained access, the malicious hackers are able to run their DeadBolt ransomware across victim's drives, encrypting their documents, photographs, spreadsheets, movies, and other data.

In an advisory published on its website, QNAP recommends that at-risk customers update QTS or QuTS hero to the latest version immediately.

However, the company says that if you are unfortunate enough to have already had your NAS drive compromised by the DeadBolt ransomware, to take a screenshot of the ransom note (including the Bitcoin wallet address to which you are being told to send the ransom) before you upgrade the device's firmware:

If your NAS has already been compromised, take the screenshot of the ransom note to keep the bitcoin address, then, upgrade to the latest firmware version and the built-in Malware Remover application will automatically quarantine the ransom note which hijacks the login page.

Updating QTS or QuTS hero can either be done via the NAS device's administrator interface, or via manually downloading the latest version from the official QNAP website.

This is not the first time that QNAP has warned its customers of ransomware attacks locking up their devices.  In January, for instance, QNAP first warned that the DeadBolt ransomware was exploiting security holes in order to display a ransom note at login.

The DeadBolt ransomware was then seen targeting owners of another range of NAS drives, Asustor.

NAS drive owners would be sensible to defend their devices behind a firewall – unless they feel confident that a security vulnerability that could grant access to cybercriminals is not lurking deep inside.

tags


Author



Right now

Top posts

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Internet Service Providers Help Spyware Vendor Infect iOS and Android Devices Internet Service Providers Help Spyware Vendor Infect iOS and Android Devices
Vlad CONSTANTINESCU

June 24, 2022

2 min read
QNAP NAS Devices Vulnerable to Remote Attacks Through Critical PHP Flaw Exploit QNAP NAS Devices Vulnerable to Remote Attacks Through Critical PHP Flaw Exploit
Vlad CONSTANTINESCU

June 23, 2022

2 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021 Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
Filip TRUȚĂ

June 22, 2022

1 min read