QNAP Fights Another DeadBolt Ransomware Campaign, Releases Patch for NAS Devices

Hot potato: The threat of DeadBolt is rising again and QNAP is the doomed victim of this multiple ransomware infection. Users should install the newly released software fix as soon as possible – it is also recommended to avoid using NAS devices connected directly to the Internet, instead you should add a firewall or other form of security layer if you want to access files remotely.

Network Attached Storage (NAS) devices built by QNAP are being hit by another ransomware campaign by the DeadBolt gang. The malicious campaign began over the weekend and is still ongoing.

This new DeadBolt attack targets a zero-day vulnerability in QNAP Photo Station, a photo management software solution that offers private cloud photo storage, but unfortunately in this case it has opened a window for attackers. Campaign was identified on weekends and is rated as “critical”.

QNAP now offers advice on how to avoid these kinds of security threats and software patch to remedy the situation (if you are not already infected)…

According to QNAP, the vulnerability allows DeadBolt ransomware to encrypt files stored on NAS devices that are directly connected to the Internet (such as those assigned a public IP address). According to QNAP, the situation has been assessed and a patch has been released for the faulty software within 12 hours, and users are now strongly advised to install the following updates to fix the dangerous security hole:

  • QTS 5.0.1: Photo Station 6.1.2 and later
  • QTS 5.0.0/4.5.x: Photo Station 6.0.22 or later
  • QTS 4.3.6: Photo Station 5.7.18 and later
  • QTS 4.3.3: Photo Station 5.4.15 and later
  • QTS 4.2.6: Photo Station 5.2.14 and later

QNAP devices have become regular targets of other malware campaigns since the beginning of the year. This time, the Taiwanese storage company goes even further, advising customers to completely replace Photo Station with a competing solution such as KuMagiand stating that NAS devices should not connect directly to the Internet to improve the overall security of the device.

For remote file access, QNAP recommends using myQNAPcloud feature or turn on an enabled VPN service. In this way, QNAP claims, security will be effectively enhanced, and the likelihood of an attack will be significantly reduced.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button