QNAP warns about ransomware 'DeadBolt' that destroys NAS data, update immediately and manufacturer


Martin @pokipsie Rechsteiner

QNAP, which handles network attached storage (NAS) , announced on September 3, 2022 that ransomware ' DeadBolt ' that encrypts data in the company's Photo Station was detected. QNAP urges users to update the firmware immediately.

Take immediate action to update Photo Station to the latest available version | QNAP (US)

New wave of data-destroying ransomware attacks hits QNAP NAS devices | Ars Technica

QNAP announced in January 2022 that ransomware DeadBolt was encrypting its NAS, but this time DeadBolt is targeting Photo Station, QNAP's photo management application.

QNAP's Product Security Incident Response Team (QNAP PSIRT) released a patched Photo Station 12 hours after it was discovered. Therefore, in addition to calling for updating Photo Station to the latest version, the company also recommends switching to QuMagie , a similar photo management application.

QNAP also issued a DeadBolt security advisory with an impact level of Critical, strongly recommending the following steps to protect QNAP NA devices and routers:

1. Disable the port forwarding function of your router.
2. Set up myQNAPcloud on your NAS for secure remote access and minimize the risk of internet exposure.
3. Update the NAS firmware to the latest version.
Four. Update all applications on the NAS to the latest version.
Five. Set strong passwords for all user accounts on the NAS.
6. Take regular snapshots and backups for data protection.

According to Ars Technica, an IT news site that covered QNAP's announcement, it will be displayed as follows when infected with DeadBolt.

After that, DeadBolt will buy QNAP a report on vulnerability for 5 bitcoins (about 14 million yen), or buy a report and recovery key for 50 bitcoins (about 140 million yen). Suggest what

Ars Technica commented, 'Given the sensitivity of data stored on devices like NAS, users will need to spend enough time to make sure they are following best practices.'

in Web Service,   Hardware,   Security, Posted by log1l_ks