PSA: The Deadbolt ransomware gang began attacking ONAP network-attached storage (NAS) gadgets at the start of this yr, and so they have continued regardless of the corporate’s safety efforts. Amid the newest incident, QNAP’s recommendation to customers stays the identical.
This week, QNAP reported new assaults on customers of its NAS drives by Deadbolt ransomware. As with the Deadbolt assaults in January, the corporate recommends customers improve their gadgets to the newest firmware, which the ransomware hasn’t breached, and keep away from connecting them to the web.
QNAP says the newest assaults have hit gadgets working QTS firmware variations 4.3.6 and 4.4.1 — principally TS-x51 and TS-x53 collection fashions. The newest firmware variations are 4.54 and 5.00, each of which obtained new builds because the January assaults. QNAP additionally prolonged safety patches to some end-of-life fashions in February.
Following the preliminary incidents, the Taiwan-based firm launched directions for checking a tool’s web connection, which may depart it weak. It additionally says disabling port forwarding and UPnP will make a NAS safer.
One safety measure QNAP took in January inconvenienced some customers when it used its multi-layered auto-update system to power a safety replace. The ransomware had already unfold to hundreds of techniques by then, inflicting a disaster, however others misplaced information after the replace.
Asustor NAS drives additionally suffered Deadbolt assaults in February. Much like QNAP, Asustor suggested customers to take their gadgets offline. However, the corporate responded to Deadbolt with a safety replace in March.
