QNAP storage devices again hit by Deadbolt Ransomware


QNAP, a Taiwan-based company that offers data storage appliances, is back in news to become a target to Deadbolt ransomware again. Reports are in that the said file encrypting malware infected several NAS devices supplied by the hardware vendor, locking down access to users to stored information.

The security team of QNAP has reacted to the news by stating that users need to keep their appliances updated with the latest software updates that have been available since April 2022.

This time, the targeted models of QNAP are QTS 4.3.6 and QTS 4.4.1 and mainly those belonging to the X-series used by individuals and SMBs to manage files, share information and to perform other tasks.

Users are being urged by the NAS appliance maker to check for QTS update for the latest version and avoid the connection of Network Attacked Storage (NAS) to the World Wide Web.

According to a report conducted by security firm Censys from among 130,000 QNAP NAS devices, hackers have been targeted almost half of them with malware by exploiting certain zero-day vulnerabilities. This time those spreading Deadbolt are seen demanding 0.03 BTC to free up the data from encryption.

NOTE 1- Early this week, threat intelligence firm Emsisoft released a press update. It stated that victims of Deadbolt Ransomware using QNAP appliances can use their decryption tool only if they paid the hackers a ransom for a decryption tool that is now neutralized because of a forced update from QNAP for NAS appliances.

NOTE 2- It is better if the company solves these issues at the earliest. As it can make its customers lose trust in the products in near future.


Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display