DeadBolt Ransomware Actively Targets QNAP NAS Devices — Again

  /     /     /  
Publicated : 23/11/2024   Category : security


DeadBolt Ransomware Actively Targets QNAP NAS Devices — Again


The QNAP network-connected devices, used to store video surveillance footage, are a juicy target for attackers, experts warn.



QNAP network-attached storage (NAS) devices running out-of-date software are under snowballing numbers of active attacks in a new DeadBolt ransomware campaign, an advisory has warned.
The company is investigating the situation, but meanwhile, QNAP recommends updating its QTS and QuTS hero to the latest versions as soon as possible. This is the
second spate of attacks
in the past few weeks.
QNAP NAS devices are used to store video surveillance footage and the data. In the hands of
ransomware
threat actors, the data could be used to extort any number of organizations and individuals, experts warned.
Ransomware is starting to shift towards data theft, as the cybercriminals can gain from both being paid the ransom as well as sale of the data, Bud Broomhead, CEO of Viakoo, told Dark Reading in reaction to the campaign. Threats against NAS devices will increase along with the shift to extending ransomware into data theft.
Besides the potential data bonanza stored inside, Broomhead added that NAS devices are soft targets for cybercriminals because theyre often not set up properly or protected by a firewall. Theyre also often not managed by IT teams, meaning there isnt a robust security patching or monitoring strategy in place to protect them from attack, he said.
QNAP (and NAS drives in general) have been part of CISAs Known Exploited Vulnerability Catalog for some time, Broomhead added. Out of 778 currently exploited vulnerabilities, 10 are specific to QNAP.
The company is offering support for customers who have already been compromised.
If your NAS has already been compromised, take the screenshot of the ransom note to keep the bitcoin address, then, upgrade to the latest firmware version and the built-in Malware Remover application will automatically quarantine the ransom note which hijacks the login page, QNAP wrote in its
security advisory on DeadBolt ransomware
.

Last News

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
DeadBolt Ransomware Actively Targets QNAP NAS Devices — Again