Security News > 2022 > June > DeadBolt ransomware takes another shot at QNAP storage

QNAP is warning users about another wave of DeadBolt ransomware attacks against its network-attached storage devices - and urged customers to update their devices' QTS or QuTS hero operating systems to the latest versions.

"Cybercriminals have taken notice of this dependence and now regularly update their known tools and routines to include network-attached storage devices to their list of targets, knowing full well that users rely on these devices for storing and backing up files in both modern homes and businesses," they wrote.

"Any NAS device is a big target for ransomware since it is used to store a significant amount of business-critical data," Scott Bledsoe, CEO of encryption vendor Theon Technology, told The Register.

"Given the large number of QNAP NAS devices that are currently deployed, the Deadbolt ransomware can be used to target a wide variety of organizations for profit by the attackers."

Censys, an attack surface management firm, said that in the January attack, 4,988 of 130,000 potential online QNAP NAS devices showed signs of being infected by DeadBolt, with the number reaching 1,146 in the March outbreak.

"There is a lot of attention on ransomware families that focus on big-game hunting and one-off payments, but it's also important to keep in mind that ransomware families that focus on spray-and-pray types of attacks such as DeadBolt can also leave a lot of damage to end users and vendors," the team said.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/06/18/deadlbolt-ransomware-qnap-nas/