2 min read

QNAP warns of new DeadBolt ransomware attack locking up NAS devices

Graham CLULEY

June 17, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
QNAP warns of new DeadBolt ransomware attack locking up NAS devices

Owners of NAS drives manufactured by QNAP have been advised that the company is "thoroughly investigating" reports that a new variant of the DeadBolt ransomware is targeting devices, locking up data and demanding victims pay a fee to extortionists.

According to QNAP, the NAS devices that have been hit by the attack to date are running an outdated version (4.x) of its QTS operating system.

Details are limited, but it appears that a security vulnerability in older versions of the QNAP QTS operating system have allowed unauthorised parties to gain remote access to device's across the internet.

Having gained access, the malicious hackers are able to run their DeadBolt ransomware across victim's drives, encrypting their documents, photographs, spreadsheets, movies, and other data.

In an advisory published on its website, QNAP recommends that at-risk customers update QTS or QuTS hero to the latest version immediately.

However, the company says that if you are unfortunate enough to have already had your NAS drive compromised by the DeadBolt ransomware, to take a screenshot of the ransom note (including the Bitcoin wallet address to which you are being told to send the ransom) before you upgrade the device's firmware:

If your NAS has already been compromised, take the screenshot of the ransom note to keep the bitcoin address, then, upgrade to the latest firmware version and the built-in Malware Remover application will automatically quarantine the ransom note which hijacks the login page.

Updating QTS or QuTS hero can either be done via the NAS device's administrator interface, or via manually downloading the latest version from the official QNAP website.

This is not the first time that QNAP has warned its customers of ransomware attacks locking up their devices.  In January, for instance, QNAP first warned that the DeadBolt ransomware was exploiting security holes in order to display a ransom note at login.

The DeadBolt ransomware was then seen targeting owners of another range of NAS drives, Asustor.

NAS drive owners would be sensible to defend their devices behind a firewall – unless they feel confident that a security vulnerability that could grant access to cybercriminals is not lurking deep inside.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

America’s Emergency Alert System Is Vulnerable to Hacker Attacks, DHS Warns America’s Emergency Alert System Is Vulnerable to Hacker Attacks, DHS Warns
Filip TRUȚĂ

August 05, 2022

2 min read
Keeping Your PayPal Account Safe: A Brief Guide Keeping Your PayPal Account Safe: A Brief Guide
Vlad CONSTANTINESCU

August 05, 2022

3 min read
35,000 GitHub Repository Clones Tainted with Malware 35,000 GitHub Repository Clones Tainted with Malware
Vlad CONSTANTINESCU

August 04, 2022

2 min read