Lightning strikes twice: DeadBolt zaps QNAP again

The advanced persistent threat (APT) ransomware group DeadBolt has struck again, and once more Taiwanese software developer QNAP is the victim.

QNAP confirmed the second attack this year on Thursday after an internal inquiry confirmed the ransom gang had broken past its defenses to compromise its network attached storage (NAS) devices. “The attack targeted devices using QTS 4.3.6 and QTS 4.4.1, and the affected models were mainly TS-x51 series and TS-x53 series,” it said.

QTS is a software tool used by QNAP to power its file sharing and storage service. QNAP has urged all NAS users to check and update to the latest version as soon as possible, and avoid exposing their storage devices to the internet.

Unfortunately QNAP’s service is very much in DeadBolt’s wheelhouse when it comes to selecting targets for extortion – the ransomware gang specializes in going after vulnerable NAS devices to exfiltrate sensitive data without the victim even knowing.

The group resurfaced in March after slipping off the radar for a while since it was first detected last year, with a wave of attacks that apparently injected malicious code into a QNAP device via a security advisory notice issued by the company itself – effectively turning the hapless developer’s defense into attack.

More from Cybernews:

A DeadBolt from the blue: ransom gang fires up for more hack attacks

'Space pirates' penetrate deep into Russia's aerospace industry

Lex Fridman targeted in a DeadBolt ransomware attack

Russia's “troll factory” working overtime to misinform

Millions of Brits exposed as traffic camera data left open to public

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked