QNAP advises users to disconnect NAS from internet to avoid DeadBolt ransomware ransomware
Network Attached Storage (NAS), and especially NAS from QNAP, should not be exposed to the internet. This is a warning that has just been issued by QNAP in the context of a new ransomware called DeadBolt that is actively searching for remote-accessible NAS systems.
Typically, NAS is preferred for local storage via LAN. However, many users knowingly or unknowingly allow remote NAS access. New ransomware called DeadBolt is actively scanning to find these internet-connected NAS systems. If a NAS has an internet connection and is not secured, the ransomware will encrypt the data on them.
The DeadBolt ransomware isn't complicated at all. However, NAS systems that are not up-to-date or properly configured are easy targets.
Once infiltrated, the ransomware sends a notification to the victim that their data has been encrypted. It is not clear how DeadBolt sends the notification. Most likely the guys behind this ransomware left a written note on one of the compromised NAS drives.
QNAP side confirmed that DeadBolt ransomware demands ransom in Bitcoin.
The company asks users to pay attention to the message: "The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP" on the dashboard.
If this message appears, it means that your NAS is exposed to the internet. QNAP recommends that all existing NAS users disconnect their NAS from the internet. This will block NAS access over the internet but local access will still be maintained. Currently, QNAP's NAS systems are all running the QTS operating system.
To ensure even more safety, QNAP also recommends that users disable all port forwarding on the main router that the NAS connects to and also disable the UPnP function completely.
If you feel the above steps are a bit drastic, you should at least update your NAS operating system regularly and double-check authentication and usage policies.
You should read it
- 7 kinds of ransomware you didn't expect
- List of the 3 most dangerous and scary Ransomware viruses
- Ransomware can encrypt cloud data
- General guidelines for decoding ransomware
- What is Ransomware Task Force (RTF)?
- [Infographic] 7 effective ways to protect businesses from Ransomware
- How to decode ransomware InsaneCrypt (Everbe 1.0)
- Why is Ransomware the perfect hack?
- Learn about Ransomware: 6 ransomware on computers
- Detecting two unusual versions of ransomware, shows that the world of ransomware has become diversified
- What is Fargo Ransomware? How to avoid?
- Warning: Quantum Ransomware is being rapidly deployed in lightning attacks
Maybe you are interested
New Intel microcode '0x129' tested on Linux, did not show a major impact on performance Learn about Hamster AI: The best free all-in-one AI tool Why does opening MOV file have no image? How to fix? How to print Excel on 1 A4 page - Display full content on 1 page How to install HEVC and HEIF codecs on Windows 11 More than 60% of passwords are cracked by AI in less than 60 seconds