Storage Vendor QNAP Forces Update After Ransomware Hits 3600 Devices

0

Ransomware criminals have launched a campaign that infected and encrypted data on thousands of network attached storage devices made by Taiwan-based QNAP. The company took drastic action to prevent further attacks, remotely force-installing an update on users’ devices in the middle of the night.

The Deadbolt ransomware started seeking out vulnerable QNAP NAS devices just three days ago, infecting just under 3700. A warning screen left behind by Deadbolt claims that users aren’t being targeted personally. Instead, the attackers blame “the inadequate security provided by [their] vendor (QNAP).”

Two different ransom demands were made. Individual users were told they could pay 0.03 Bitcoin — about $1100 U.S. dollars at today’s exchange rat — to receive a decryption key that would unlock their files.

Another offer was made to QNAP. Deadbolt offered to provide a master key that would decrypt all victims’ files for a much steeper 50 bitcoin, or roughly $1.8 million. As a bonus, the attackers would also hand over information about the previously-undiscovered exploit that was used to infect these QNAP devices.

QNAP warned its customers of the attacks the day after they began. The company issued a statement and recommended that users verify their security settings immediately. Several configuration changes were recommended to keep the Deadbolt ransomware at bay. QNAP also strongly advised users to install the latest firmware for their devices.

Historically, though, not everyone is in a hurry to update. Some merely find it inconvenient, but others have legitimate concerns about software updates causing unwanted disruptions.

Considering the situation to be grave, QNAP opted to force-update vulnerable devices. While undeniably beneficial in terms of disrupting the Deadbolt attacks, the update had an undesired effect on some users’ systems.

Some lost access to some of the drives on which their data was stored. Others who had had already been hit by the ransomware and were trying to decrypt found that the decryption process was now broken.

This is an incredibly difficult situation for both vendors and users. Certainly given QNAP’s market share and the relatively low number of infections at the time factored in to the decision.

Still, it’s impossible not to sympathize with the unfortunately few who are dealing with a new set of problems following the update. It’s just one of the many side effects of the never-ending battle against global malware.

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! Rapidtelecast.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
Leave a comment