QNAP, the manufacturer of storage devices of the same name, issued an alert last Monday (24) informing its customers about a ransomware threat called Deadbolt, which is specifically targeting users of the brand’s products.
QNAP storage devices are mainly used to save data saved on NAS servers (Network-Attached Storage; “Network Attached Storage”, which can only be opened and shared with credentials entered each time the device is connected to a computer.
new #Ransomware attack on @QNAP_nas #deadbolt asking for 0.03 BTC #BTC pic.twitter.com/IXPqy2Ox29
— Tom Cheney (@idobitom) January 25, 2022
Want to stay on top of the best tech news of the day? Access and subscribe to our new youtube channel, Kenyannews News. Every day a summary of the main news from the tech world for you!
Deadbolt ransomware looks for vulnerabilities on computers that have QNAP devices connected to them. After finding devices that could be infected, they deploy the threat, which replaces the device’s login screen with a screen explaining the attack and asking for ransom, as seen in the tweet above.
The fee required by criminals to release files from the QNAP device is 0.03 Bitcoin, equivalent to about BRL 6,200.
“This is an extremely serious alert, as we are talking about a network connected to storage devices and data management. As such, they possibly carry a range of sensitive and valuable information for companies and, once in the hands of cybercriminals, are only returned with a ransom payment, usually in cryptocurrencies”, highlights PSafe CEO Marco DeMello.
how to protect yourself
Last Wednesday (26), QNAP released a security update for its devices aimed at blocking Deadbolt. The company recommends installing the enhancement as soon as possible to decrease the threat’s attack surface.
In addition, tips and protection steps that can be applied to other ransomware can also be used to prevent Deadbolt. Among them, we highlight:
- Avoid opening suspicious communications that arrive by email or messages on social networks and not interacting with files or websites attached to them;
- In the case of companies, correctly configure remote desktop protocols (RDP) and disable those that are not needed;
- Implement strong passwords and two-factor authentication across all possible technologies to prevent brute force attacks;
- Download programs and files from official and trusted sources;
- Use a reliable security solution and keep it up to date;
- Make backups of critical or irreplaceable information regularly.
Finally, if you have detected anything suspicious already on the network where the QNAP device is connected, it is recommended that you disconnect the device from the internet immediately.
