1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Asustor NAS devices hit by Deadbolt ransomware attack

    From TechnologyDaily@1337:1/100 to All on Tue Feb 22 13:30:04 2022
    Asustor NAS devices hit by Deadbolt ransomware attack

    Date:
    Tue, 22 Feb 2022 13:17:39 +0000

    Description:
    The best way to stay safe is to disconnect the device from the internet, Asustor NAS users are saying.

    FULL STORY ======================================================================

    Following ransomware attacks against QNAP NAS devices, it is now Asustors
    turn to suffer, according to multiple reports of Asustor NAS devices being attacked by the DeadBolt ransomware.

    It's still not known exactly how the attackers managed to compromise Asustor devices, as well as which models are susceptible to the attack. This is
    partly because the company is still keeping quiet about it, but user should hopefully receive a statement, as well as a patch, sooner rather than later.

    Allegedly, AS6602T, AS-6210T-4K, AS5304T, AS6102T, or AS5304T are
    invulnerable to these attacks, while AS5304T, AS6404T, AS5104T, and AS7004T, seem to be affected. No ransom demand yet

    Initial reports suggest that the attackers managed to compromise a vulnerability found in Asustor's EZ Connect utility, a feature that allows users to connect to the NAS system remotely.

    The attackers have made no ransom demands yet.

    In the case of QNAP, which was also attacked with DeadBolt, the operators demanded 0.03 bitcoin, or approximately $1,100, at press time. They also offered to sell the details on the vulnerability itself for five bitcoin (around $185,000), as well as a master decryption key against the malware for 50 bitcoin ($1.85 million). Read more

    QNAP NAS devices hit with surge of ransomware attacks


    QNAP NAS devices left encrypted by Deadbolt ransomware


    QNAP extends support for older NAS devices amid surge in attacks

    Until we hear from Asustor, the best way to stay safe is to disconnect the endpoints from the internet entirely. Users who own one of the unaffected variants, but still would like to make some security precautions, should disable EZ Connect, automatic updates, SSH, block all NAS ports from the router, and only allow connections from within the network, some Asustor
    users are suggesting.

    QNAP users have had it rough, lately. Besides being attacked by Deadbolt,
    they also suffered a ransomware attack at the hands of eCh0raix ransomware.
    In late December last year, the affected users were demanded between .024 and .06 bitcoin ($880 - $2,200) for the decryption key. TechRadar needs you!

    We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

    Click here to start the survey in a new window <<

    A free decryptor is available online, but only for older versions of the ransomware. For the newer versions (1.0.5. and 1.0.6.), there is currently no free option to decrypt data following an infection.

    To keep NAS devices secure and shield against future attacks, QNAP has prepared a series of recommendations and best practices, which can be found here . These are the best NAS hard drives right now

    Via: Tom's Hardware



    ======================================================================
    Link to news story: https://www.techradar.com/news/asustor-nas-devices-hit-by-deadbolt-ransomware- attack/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)