Lightning strikes twice: DeadBolt zaps QNAP again
The advanced persistent threat (APT) ransomware group DeadBolt has struck again, and once more Taiwanese software developer QNAP is the victim.
QNAP confirmed the second attack this year on Thursday after an internal inquiry confirmed the ransom gang had broken past its defenses to compromise its network attached storage (NAS) devices. “The attack targeted devices using QTS 4.3.6 and QTS 4.4.1, and the affected models were mainly TS-x51 series and TS-x53 series,” it said.
QTS is a software tool used by QNAP to power its file sharing and storage service. QNAP has urged all NAS users to check and update to the latest version as soon as possible, and avoid exposing their storage devices to the internet.
Unfortunately QNAP’s service is very much in DeadBolt’s wheelhouse when it comes to selecting targets for extortion – the ransomware gang specializes in going after vulnerable NAS devices to exfiltrate sensitive data without the victim even knowing.
The group resurfaced in March after slipping off the radar for a while since it was first detected last year, with a wave of attacks that apparently injected malicious code into a QNAP device via a security advisory notice issued by the company itself – effectively turning the hapless developer’s defense into attack.
More from Cybernews:
Subscribe to our newsletter