Security News > 2022 > September > DeadBolt is hitting QNAP NAS devices via zero-day bug, what to do?

DeadBolt is hitting QNAP NAS devices via zero-day bug, what to do?
2022-09-06 11:11

A few days ago - and smack in the middle of the weekend preceding Labor Day - Taiwan-based QNAP Systems has warned about the latest round of DeadBolt ransomware attacks targeting users of its QNAP network-attached storage devices.

"QNAP detected a new DeadBolt ransomware campaign on the morning of September 3rd, 2022. The campaign appears to target QNAP NAS devices running Photo Station with internet exposure," the company said in a security advisory.

We only know that it affects the Photo Station application, which is used for managing and sharing photos stored on QNAP NAS devices, and can be exploited remotely on internet-connected devices.

"We recommend users to make use of the myQNAPcloud Link feature provided by QNAP, or enable the VPN service. This can effectively harden the NAS and decrease the chance of being attacked," QNAP added.

Additional recommendations for improving the security of one's QNAP NAS devices have been provided in the advisory and on QNAP's Product Security page.

Checkmate, Ech0raix, QSnatch, AgeLocker DeadBolt is just one of the ransomware variants targeting QNAP NAS devices.


News URL

https://www.helpnetsecurity.com/2022/09/06/deadbolt-hitting-qnap-nas/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Qnap 96 16 126 133 34 309