Security News

Dirty Pipe, a recently reported local privilege escalation vulnerability, affects the Linux kernel on QNAP NAS running QTS 5.0.x and QuTS hero h5.0.x, QNAP advised. QTS 5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS. QuTS hero h5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS. QNAP NAS running QTS 4.x aren't affected.

Taiwanese hardware vendor QNAP warns most of its Network Attached Storage devices are impacted by a high severity Linux vulnerability dubbed 'Dirty Pipe' that allows attackers with local access to gain root privileges. The 'Dirty Pipe' security bug affects Linux Kernel 5.8 and later versions, even on Android devices.

QNAP has extended support and will keep issuing security updates for some end-of-life network-attached storage devices until October 2022. "Due to these reasons, QNAP normally maintains security updates for 4 years after a product passes its EOL date. As a special effort to help users protect their devices from today's security threats, QNAP has extended security updates for some EOL models till October 2022.".

Taiwanese company QNAP has warned customers to secure network-attached storage appliances and routers against a new ransomware variant called DeadBolt. "QNAP urges all QNAP NAS users to [] immediately update QTS to the latest available version."

"Recently the QNAP Product Security Incident Response Team detected that cybercriminals are taking advantage of a patched vulnerability, described in the QNAP Security Advisory, to launch a cyberattack," the NAS maker said today. "On January 27, 2022, QNAP set the patched versions of system software as 'Recommended Version.' If auto update for 'Recommended Version' is enabled on your QNAP NAS, the system will automatically update to certain OS version to enhance security and protection of your QNAP NAS, mitigating the attack from criminals."

Delta Electronics, an electronics company that provides products for Apple, Tesla, HP and Dell, disclosed Friday that "Non-critical systems" were attacked by "Overseas hackers" - an attack that's been attributed to the Conti Group. Taiwanese storage and networking equipment provider QNAP Systems forced out an update to its customers' network attached storage devices after warning them earlier this week that the DeadBolt ransomware was in offensive mode against them.

QNAP force-updated customer's Network Attached Storage devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices. On Tuesday, BleepingComputer reported on a new ransomware operation named DeadBolt that was encrypting Internet-exposed QNAP NAS devices worldwide.

QNAP has urged NAS users to act "Immediately" to install its latest updates and enable security protections after warning that product-specific ransomware called Deadbolt is targeting users' boxen. Security advice from QNAP includes disabling port-forwarding and UPnP port forwarding if your NAS is internet-facing.

The attacks started today, January 25th, with QNAP devices suddenly finding their files encrypted and file names appended with a.deadbolt file extension.Instead of creating ransom notes in each folder on the device, the QNAP device's login page is hijacked to display a screen stating, "WARNING: Your files have been locked by DeadBolt".

QNAP is warning customers again to secure their Internet-exposed Network Attached Storage devices to defend against ongoing and widespread attacks targeting their data with the new DeadBolt ransomware strain. All QNAP users are urged to "Immediately update QTS to the latest available version" to block incoming DeadBolt ransomware attacks.