Security News > 2022 > May > QNAP alerts NAS customers of new DeadBolt ransomware attacks
Taiwan-based network-attached storage maker QNAP warned customers on Thursday to secure their devices against attacks pushing DeadBolt ransomware payloads.
"According to the investigation by the QNAP Product Security Incident Response Team, the attack targeted NAS devices using QTS 4.3.6 and QTS 4.4.1, and the affected models were mainly TS-x51 series and TS-x53 series," the NAS maker said.
In April, QNAP also urged NAS users to disable Universal Plug and Play port forwarding on their routers to prevent exposing them to attacks from the Internet.
With QNAP devices also being targeted by other ransomware families such as Qlocker and eCh0raix, all owners should immediately take the above measures to secure their data from future attacks.
First spotted in attacks targeting QNAP NAS devices in late January, DeadBolt ransomware hijacks the QNAP device's login page to display a screen stating, "WARNING: Your files have been locked by DeadBolt."
DeadBolt ransomware returned in February in another campaign targeting ASUSTOR NAS devices and allegedly using a zero-day vulnerability.
News URL
Related news
- QNAP fixes NAS backup software zero-day exploited at Pwn2Own (source)
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443) (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)