1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Deadbolt ransomware is being used to target NAS vendors and custo

    From TechnologyDaily@1337:1/100 to All on Wed Oct 19 16:15:03 2022
    Deadbolt ransomware is being used to target NAS vendors and customers

    Date:
    Wed, 19 Oct 2022 14:54:22 +0000

    Description:
    Whatever your interest in network-attached storage, one ransomware attack group may be coming for you.

    FULL STORY ======================================================================

    Operators of the dreaded Deadbolt ransomware are attacking network-attached storage ( NAS ) users and NAS manufacturers in equal measure.

    In a study titled Deadbolt ransomware: nothing but NASty, Cybersecurity researchers from Group-IB published their analysis of an ongoing ransomware attack campaign being waged against NAS devices built by the Taiwanese manufacturer QNAP.

    The attackers are using a zero-day exploit (a never-before-seen
    vulnerability) in QNAPs NAS devices to compromise the endpoints and deliver the malware variant to small and medium-sized businesses (SMB), schools, and regular consumers. 10 BTC for technical details

    In their dealings with victims, Deadbolt's operators demanded anywhere
    between 0.03 and 0.05 bitcoin (roughly between $500 and $1,000) in exchange for the decryption key.

    However, the researchers also found that the ransomware gang reached out to QNAP itself, and demanded a much higher ransom in exchange for valuable data on their operations.

    For a ransom of 10 BTC ($192,000), the threat actors promised the NAS vendor, QNAP, that they would share all the technical details relating to the
    zero-day vulnerability that they manipulated, and for 50 BTC ($959,000) they offered to include the master key to decrypt the files belonging to the vendors clients who had fallen victim to the campaign, Group-IB wrote in its report. Read more

    These are the best ID theft protection services around

    Asustor NAS devices hit by Deadbolt ransomware attack


    QNAP NAS devices left encrypted by Deadbolt ransomware

    Given that the number of successful attacks on QNAP NAS devices rose almost sevenfold this summer, its safe to assume that QNAP kindly declined the
    offer.

    Most of the infections happened in the United States, Germany, and Italy.

    While the group behind Deadbolt is trying to extort as much money as
    possible, the police are hot on their trail, and making good progress on neutralising the threat.

    According to InfoSecurity , Dutch police managed to trick the operators into giving away more than 150 decryption keys earlier this month. They did so by quickly withdrawing the payment for the decryption keys, before it was confirmed. Here's our rundown of the best encryption software around



    ======================================================================
    Link to news story: https://www.techradar.com/news/deadbolt-ransomware-is-being-used-to-target-nas -vendors-and-customers/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)