Security News > 2022 > February > DeadBolt ransomware now targets ASUSTOR devices, asks 50 BTC for master key

DeadBolt ransomware now targets ASUSTOR devices, asks 50 BTC for master key
2022-02-23 17:57

The DeadBolt ransomware is now targeting ASUSTOR NAS devices by encrypting files and demanding a $1,150 ransom in bitcoins.

Similar to the DeadBolt ransomware attacks that targeted QNAP NAS devices last month, the threat actors claim to be using a zero-day vulnerability to encrypt ASUSTOR NAS devices.

While ASUSTOR has not explained how the NAS devices are being encrypted, some ASUSTOR owners believe that it is a vulnerability in the PLEX media server or EZ Connect that allows access to their devices.

Similar to the attacks on QNAP devices, DeadBolt is attempting to sell information to ASUSTOR about the alleged zero-day vulnerability used to breach NAS devices and the master decryption for all victims.

The DeadBolt ransom note includes a link titled "Important message for ASUSTOR," that when clicked, will display a message from the DeadBolt gang specifically for ASUSTOR. On this screen, the DeadBolt threat actors are selling the details of the alleged zero-day vulnerability if ASUSTOR pays them 7.5 Bitcoins, worth $290,000.

The DeadBolt gang is also trying to sell ASUSTOR the master decryption key for all victims and the zero-day details for 50 bitcoins, worth $1.9 million.


News URL

https://www.bleepingcomputer.com/news/security/deadbolt-ransomware-now-targets-asustor-devices-asks-50-btc-for-master-key/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Asustor 11 3 21 9 9 42