DeadBolt Ransomware Hits Asustor NAS Devices

Tsing

The FPS Review
Staff member
Joined
May 6, 2019
Messages
12,595
Points
113
asustor-as6404t-space-bg-1024x576.jpg
Image: Asustor



Following earlier coverage relating to QNAP devices, the dreaded DeadBolt ransomware has now begun proliferating on NAS units manufactured by Asustor, according to increasing posts on reddit and the company’s own community forum from users who were surprised to find that all of their files have been encrypted. Owners of Asustor’s NAS devices have been advised to disconnect their units from the internet immediately, lest they wish to lose file access and be greeted with a ransom message seeking .03 BTC (around $1,140 at the time of this posting) in order to have their content unlocked. Users may also want to desynchronize from cloud services, as some DeadBolt victims inadvertently ended up pushing their encrypted files to services such as OneDrive and Google Drive as well...
Click to expand...

Continue reading...


 
Yeesh that sucks. Kind of glad I don't run a NAS and have to worry about that right now. No CVE so the actual vector of the attack is unknown. That's also pretty clear from the suggested steps from the vendor. Basically turn off all remote management or access to your NAS and lock it down to on site network only. Oh and change your default ports and user names. ;)
 
You must log in or register to reply here.
Become a Patron!
Back
Top