QNAP NAS owners told to patch immediately, again

Oh boy, QNAP NAS users can’t seem to catch a break, as they’ve been urged to patch up their endpoints immediately, again.  This time arou...

Oh boy, QNAP NAS users can’t seem to catch a break, as they’ve been urged to patch up their endpoints immediately, again. 

This time around, an unknown threat actor is on the hunt for vulnerable QNAP NAS devices to deploy the Deadbolt ransomware on.

Among the vulnerable devices are those running on the QTS 4.3.6 and QTS 4.1.1 operating systems. That would include the TS-x51 series, and the ST-x53 series, although it’s probably not limited to these two.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

No decryptor

Those who end up attacked will see a warning right on the login page, demanding payment in Bitcoin in exchange for the decryption key. All of the files on the affected endpoint will be encrypted using the AES128 algorithm and will have the .deadbolt extension to their filenames.

At this time, we don’t know how high the ransom demand is. 

Cybersecurity researcher Michael Gillespie has recently published a decryptor key for Deadbolt, but it seems that it only works for Windows devices. At this time, it would seem, the only way to recover the device is to actually pay the ransom.

That’s why, researchers are saying, it would be best not to get infected in the first place. That can be achieved, first and foremost, by applying the patch that’s already been made available by QNAP. Furthermore, the company urged NAS device owners to “avoid exposing their NAS to the Internet”. 

To that end, users are advised to block port forwarding on their home router, and to disable UPnP in the NAS control panel. Furthermore, they should turn off SSH and Telnet connections. Users can still access their NAS devices away from their home intranet by deploying a VPN, and using the myQNAPcloud Link app.

It’s been less than a month since QNAP urged users to patch against two vulnerabilities with a 9.8 severity score. The bugs can be used to perform low complexity attacks that don’t require victim interaction, it was said at the time.

Via: Tom's Hardware

from TechRadar - All the latest technology news https://ift.tt/gdNmRz3



Apps,3856,Business,149,Camera,1155,Earn $$$,2,Gadgets,1740,Games,926,GTA,1,Innovations,2,Mobile,1696,Paid Promotions,4,Promotions,4,Technology,7935,Trailers,796,Travel,37,Trendly News,23995,Video,5,XIAOMI,13,
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: QNAP NAS owners told to patch immediately, again
QNAP NAS owners told to patch immediately, again
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy