Taiwanese firm QNAP Systems has alerted customers to ongoing DeadBolt ransomware attacks that began on Saturday.
Per reports, the attack’s backdoor was a vulnerability in the firm’s private cloud storage for photos called Photo Station.
RELATED RESOURCE
An EDR buyer's guide
How to pick the best endpoint detection and response solution for your business
"QNAP Systems, Inc. today detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet," reads the firm’s security notice.
Since the beginning of the year, the DeadBolt ransomware group has been targeting NAS devices using an alleged zero-day vulnerability on Internet-exposed devices.
In response to the recent attack, QNAP’s product security incident response team (PSIRT) released a patched Photo Station app, urging QNAP NAS users to update to the newest version.
The security updates came 12 hours after DeadBolt began using the zero-day vulnerability in its attacks. To ensure continued services, QNAP also suggested users replace their Photo Station app with QuMagie, a safer photo storage management tool for QNAP NAS devices.
Additionally, the firm advised users to avoid connecting their QNAP NAS devices to the internet as a precaution.
“We recommend users to make use of the myQNAPcloud Link feature provided by QNAP, or enable the VPN service. This can effectively harden the NAS and decrease the chance of being attacked,” said QNAP in a statement.
-
Software developer salaries are surging in the UK as AI skills gaps drives demandNews Stack Overflow says positive growth in developer salaries shows the community is thriving
-
Darktrace bolsters expansion plans with double C-suite appointmentNews Industry veteran Samun Raju joins the security vendor as CFO, while former KnowBe4 executive Hein Hellemons becomes CRO
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
