• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
qnap nas devices face fresh deadbolt ransomware attack

QNAP NAS devices face fresh Deadbolt ransomware attack

You are here: Home / General Cyber Security News / QNAP NAS devices face fresh Deadbolt ransomware attack
March 23, 2022

Shutterstock

Deadbolt, a ransomware variant that attacked QNAP storage in January, is back again and infecting far more of the drives, scientists unveiled this 7 days.

Deadbolt is a ransomware variant initial determined in January. It targets network-hooked up storage (NAS) equipment from QNAP, which operate the firm’s possess Linux distribution referred to as QTS.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Fairly than encrypting the whole drive, Deadbolt concentrates on encrypting backup drives and then hacks the device’s web interface to supply a ransomware message.

Bacterial infections peaked on January 26, according to cyber security business Censys, influencing just about 5,000 of the 130,000 QNAP gadgets in use. QNAP power updated its firmware in January to halt the infections.

This update reportedly triggered facet consequences which include broken iSCSI connections. It also taken off the hacked interface, which stopped hacked customers who had compensated the ransom from decrypting the information. On the other hand, Censys reported that it diminished the amount of contaminated equipment at the time to under 300.

The ransomware resurged on QNAP equipment this month. Censys saw new bacterial infections starting on March 16, when the number of infected products stood at 373. Inside of three days, the range of contaminated gadgets had grown to 1,146.

While the attackers are applying a various Bitcoin deal with for the latest ransom desire, the rest of the attack continues to be the exact, Censys claimed. They are demanding .03 bitcoins (presently really worth around $1,280).

The attackers guarantee to produce a decryption key in exchange for the ransom payment. They also make a different give to QNAP by way of the hacked web interface, providing it entire details of the complex exploit that enabled the attack for five bitcoins ($213,300) or a master decryption vital for 50 bitcoins ($2.13m).

This attack is strange, in that apart from the hacked web interface, the attackers only connect with the victims through bitcoin payments. They return the encryption key from a ransom payment in the OPRETURN area of a Bitcoin transaction.

QNAP drives have experienced attacks in advance of, which includes infection by Dovecat crypto-mining malware and QSnatch, legacy malware which stopped administrators from implementing security patches.


Some pieces of this article are sourced from:
www.itpro.co.uk

Previous Post: «microsoft and okta confirm breach by lapsus$ extortion group Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group
Next Post: Over 200,000 MicroTik Routers Worldwide Are Under the Control of Botnet Malware over 200,000 microtik routers worldwide are under the control of»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Freejacking Campaign By PurpleUrchin Bypasses Captchas
  • ChatGPT Used to Develop New Malicious Tools
  • Dark Web Actors Fight For Drug Trafficking and Illegal Pharmacy Supremacy
  • Kinsing Cryptojacking Hits Kubernetes Clusters via Misconfigured PostgreSQL
  • New Study Uncovers Text-to-SQL Model Vulnerabilities Allowing Data Theft and DoS Attacks
  • UK insurer announces ‘world-first’ cyber catastrophe bond
  • Why Do User Permissions Matter for SaaS Security?
  • FCC plans strict overhaul of 15-year-old US data breach regulations
  • Security updates for Windows 7 finally end, users urged to upgrade
  • Global Cyber-Attack Volume Surges 38% in 2022

Copyright © TheCyberSecurity.News, All Rights Reserved.