The Taiwan-based QNAP vendor requests its consumers to install the latest patch on their NAS devices and limit their exposure to the internet. The company has published an alert in response to the new DeadBolt ransomware attacks that target NAS devices that exploit their devices by using the QTS 4.3.6 and QTS 4.4.1.
The DeadBolt ransomware was found attacking their devices by using the affected models, mainly the older series like the TS-x51 and TS-x53. Both versions are exploitable by the OTS mentioned earlier.
QNAP recommends that all users who own a NAS device should check and update their QTS to the most recent version as soon as possible to avoid a possible attack of DeadBolt.
DeadBolt has been a menace for the QNAP devices.
DeadBolt ransomware operators have been targeting QNAP NAS devices globally since the start of the year. The threat operators claim that the availability of zero-day vulnerability allows them to encrypt the data of the compromised systems.
The hacked QNAP device login screen will portray a ransom noted that the demands about $1277 (roughly 0.03 Bitcoin) in exchange for an encryption key for the encrypted files. In addition, the ransom note includes a title called “important message for QNAP”, which is a link that will redirect the target to a landing page that will offer technical details of the alleged zero-day flaw in NAS devices, approximately 5 BTC.
The DeadBolt operators are also offering a master decryption key for 50 BTC, allowing its victims to decrypt their entire files.
In January, QNAP mandated their firmware update for its NAS storage device to shield its customers against DeadBolt. By February, storage solutions provider Asustor advised its users regarding a new wave of DeadBolt ransomware that attacks NAS devices.
Furthermore, QNAP addressed several flaws, including a security issue that a remotely-based threat actor could exploit to operate arbitrary commands on vulnerable QVR systems.
QNAP’s QVR system is a video surveillance solution for the Taiwan-based vendor, which is held on its NAS devices and does not need extra software.
