#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

DeadBolt | Breaking Cybersecurity News | The Hacker News

QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks

QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks

May 20, 2022
Taiwanese network-attached storage (NAS) devices maker QNAP on Thursday warned its customers of a fresh wave of DeadBolt ransomware attacks. The intrusions are said to have targeted TS-x51 series and TS-x53 series appliances running on QTS 4.3.6 and QTS 4.4.1, according to its product security incident response team.  "QNAP urges all NAS users to check and update QTS to the latest version as soon as possible, and avoid exposing their NAS to the internet," QNAP  said  in an advisory. This development marks the third time QNAP devices have come under assault from  DeadBolt ransomware  since the start of the year. In late January, as many as 4,988 DeadBolt-infected QNAP devices were identified, prompting the company to release a forced firmware update. A second uptick in new infections was  observed  in mid-March.  DeadBolt attacks are also notable for the fact that they allegedly leverage zero-day flaws in the software to gain remote access and encrypt the systems. A
Warning — Deadbolt Ransomware Targeting ASUSTOR NAS Devices

Warning — Deadbolt Ransomware Targeting ASUSTOR NAS Devices

Feb 24, 2022
ASUSTOR network-attached storage (NAS) devices have become the  latest   victim  of Deadbolt ransomware, less than a month after similar attacks singled out  QNAP NAS appliances . In response to the infections, the company has released firmware updates ( ADM 4.0.4.RQO2 ) to "fix related security issues." The company is also urging users to take the following actions to keep data secure – Change your password Use a strong password Change default HTTP and HTTPS ports. Default ports are 8000 and 8001 respectively Change web server ports (Default ports are 80 and 443) Turn off Terminal/SSH and SFTP services and other services you do not use, and Make regular backups and ensure backups are up to date The attacks primarily affect internet-exposed ASUSTOR NAS models running ADM operating systems including, but not limited to, AS5104T, AS5304T, AS6404T, AS7004T, AS5202T, AS6302T, and AS1104T.  Much like the intrusions targeting QNAP NAS devices, the threat actors claim t
cyber security

external linkGet This Free Tool to Find and Remove Risky SaaS Apps in Minutes

websitewww.wing.securitySaaS Security / Attack Surface
Wing Security finds and ranks all SaaS applications completely for free, removing unnecessary risk.
QNAP Warns of DeadBolt Ransomware Targeting Internet-Facing NAS Devices

QNAP Warns of DeadBolt Ransomware Targeting Internet-Facing NAS Devices

Jan 28, 2022
Taiwanese company QNAP has warned customers to secure network-attached storage (NAS) appliances and routers against a new ransomware variant called DeadBolt . "DeadBolt has been widely targeting all NAS exposed to the Internet without any protection and encrypting users' data for Bitcoin ransom," the company  said . "QNAP urges all QNAP NAS users to […] immediately update QTS to the latest available version." A query on IoT search engine Censys shows that at least 3,687 devices have been encrypted by the DeadBolt ransomware so far, with most NAS devices located in the U.S., Taiwan, France, Italy, the U.K., Hong Kong, Germany, the Netherlands, Poland, and South Korea. In addition, QNAP is also urging users to check if their NAS devices are public-facing, and if so, take steps to turn off the port forwarding function of the router and disable the Universal Plug and Play ( UPnP ) function of the QNAP NAS. The advisory comes as  Bleeping Computer  revealed t
Cybersecurity Resources