Security News > 2022 > January > QNAP: DeadBolt ransomware exploits a bug patched in December
"Recently the QNAP Product Security Incident Response Team detected that cybercriminals are taking advantage of a patched vulnerability, described in the QNAP Security Advisory, to launch a cyberattack," the NAS maker said today.
"On January 27, 2022, QNAP set the patched versions of system software as 'Recommended Version.' If auto update for 'Recommended Version' is enabled on your QNAP NAS, the system will automatically update to certain OS version to enhance security and protection of your QNAP NAS, mitigating the attack from criminals."
While the company did not name the threat actors behind these ongoing attacks, the warning comes after a wave of attacks targeting Internet-exposed QNAP devices with DeadBolt ransomware and asking victims to pay 0.03 bitcoins for a decryption key.
It was later revealed that QNAP force installed the update needed to block attackers from exploiting the QSA-21-57 bug after thousands of customers had their data encrypted in DeadBolt attacks.
Including the DeadBolt ransomware alert, QNAP issued three warnings in the last 12 months to alert customers of ransomware attacks targeting their Internet-exposed NAS devices.
QNAP previously warned rusers of AgeLocker ransomware attacks in April and eCh0raix ransomware attacks in May..
News URL
Related news
- China-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware (source)
- PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- New SuperBlack ransomware exploits Fortinet auth bypass flaws (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)