New DeadBolt Ransomware Targets NAT Products
There’s a new ransomware that targets NAT devices created by QNAP:
The attacks started today, January 25th, with QNAP units out of the blue acquiring their files encrypted and file names appended with a .deadbolt file extension.
In its place of generating ransom notes in each individual folder on the product, the QNAP device’s login webpage is hijacked to exhibit a screen stating, “WARNING: Your information have been locked by DeadBolt”….
BleepingComputer is aware of at minimum fifteen victims of the new DeadBolt ransomware assault, with no specific region currently being targeted.
As with all ransomware assaults from QNAP gadgets, the DeadBolt assaults only affect products accessible to the Online.
As the threat actors assert the assault is conducted as a result of a zero-day vulnerability, it is strongly advised that all QNAP buyers disconnect their units from the Internet and location them powering a firewall.
Posted on January 26, 2022 at 10:04 AM •
Sidebar picture of Bruce Schneier by Joe MacInnis.