Security News > 2022 > March > DeadBolt Ransomware Resurfaces to Hit QNAP Again

DeadBolt Ransomware Resurfaces to Hit QNAP Again
2022-03-23 15:43

DeadBolt ransomware has resurfaced in a new wave of attacks on QNAP that begin in mid-March and signals a new targeting of the Taiwan-based network-attached storage devices by the fledgling threat, researchers said.

Researchers from Censys, which provides attack-surface management solutions, said they observed DeadBolt infections on QNAP gear ramp up slowly starting March 16, with a total of 373 infections that day.

The update was meant to clean up after DeadBolt attacks that were greeting customers with the ransomware group's screen when they logged in, effectively locking them out of the device.

The new wave of attacks ostensibly follow the same pattern as January's wave against QNAP devices, the majority of which were identified running the QNAP QTS Linux kernel version 5.10.60, Ellzey said.

The attacks appear the same to the customer and ask for the same ransom as previous DeadBolt attacks on QNAP devices, Ellzey said.

Censys researchers picked up on the latest wave of QNAP attacks due to the unique way the current DeadBolt ransomware variant communicates with victims, according to the post.


News URL

https://threatpost.com/deadbolt-ransomware-qnap-again/179057/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Qnap 80 4 97 122 76 299