Cyber Security Alerts

QNAP Storage Ransomware | Zero Day Exploit by DeadBolt

January 27, 2022

QNAP Ransomeware

On January 25th, businesses using QNAP Storage devices have discovered their files encrypted and a login screen demanding ransom payment. It appears a ransomware group titled DeadBolt has exploited a Zero-Day Vulnerability on QNAP devices allowing the use of ransomware to be deployed. Lawrence Abraham of Bleeping Computer states, “As the threat actors claim the attack is conducted through a zero-day vulnerability, it is strongly advised that all QNAP users disconnect their devices from the Internet and place them behind a firewall.” This threat is being closely monitored. Updates on the situation will arrive as they come.

Contigo has reviewed our client base and identified those with QNAP devices. We are working with these clients individually to address this threat.

 

Sources linked down below:

https://www.bleepingcomputer.com/news/security/new-deadbolt-ransomware-targets-qnap-devices-asks-50-btc-for-master-key/

https://www.bleepingcomputer.com/news/security/qnap-warns-of-new-deadbolt-ransomware-encrypting-nas-devices/