QNAP alerts users to ransomware aimed against internet-facing network storage products.

In light of persistent attacks, the company has released a guidance on safeguarding susceptible goods.

We might receive an affiliate commission if you make a purchase after clicking on one of our links. This is how it operates.

Network-attached storage (NAS) device in close-up
(Photo courtesy of Shutterstock)
Customers of QNAP have been informed that ransomware is being used by cybercriminals to target its network-attached storage (NAS) systems. They are also being urged to encrypt their devices as soon as possible.

The maker of QNAP’s internet-facing NAS devices claims that brute-force and ransomware cyberattacks have been “widely targeting” their goods. The manufacturer released a product security statement on Friday.

Which network storage appliance is the best fit for you from the 2023 best NAS drives?
A NAS has 12 fantastic uses.

On January 10, 2022, QNAP, a Taiwanese company known for its network-attached storage (NAS) solutions, issued a warning about ransomware attacks specifically targeting its internet-facing NAS devices. The ransomware, named DeadBolt, exploited vulnerabilities in QNAP NAS devices that were exposed to the internet, encrypting users’ data and demanding a ransom payment in Bitcoin for decryption.

Key points from the news include:

  1. Attack Mechanism: The ransomware took advantage of vulnerabilities in QNAP NAS systems that were accessible from the internet, without the need for sophisticated techniques or user interaction.
  2. Ransom Note and Payment: After encrypting the data, DeadBolt displayed a ransom note via the QNAP web interface, demanding a payment of 0.03 Bitcoin (approximately $1,100 at the time) for the decryption key. The ransom note also claimed that all files had been encrypted.
  3. Recommendation from QNAP:
  • Users were advised to disconnect their NAS devices from the internet immediately.
  • QNAP recommended updating their devices to the latest firmware and using strong, unique passwords.
  • Enabling system features such as IP access protection and disabling the default “admin” account were among other security suggestions.
  1. Broader Context: This incident was part of a growing trend of ransomware targeting NAS and backup storage systems, exploiting their importance in data storage and backups for both personal and business use.

The attack highlighted the importance of securing NAS devices and limiting internet exposure to reduce the risk of ransomware infections.

Leave a Reply

Your email address will not be published. Required fields are marked *