QNAP NAS customers told to update now to protect against attack
QNAP customers urged to update NAS drives ASAP
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
QNAP customers are again being warned of DeadBolt ransomware attacks againstNAS drives, which this time is affecting photo storage management tools.
This isn’t the first time that QNAP customers have had the security of their data threatened. Several attacks have been launched throughout 2022 focusing on varying zero-day vulnerabilities.
In a security notice on theQNAP website, customers are urged to “take immediate action”, with the company saying it “detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet.”
QNAP DeadBolt ransomware
Initially uncovered on September 3, 2022, “QNAP Product Security Incident Response Team (QNAP PSIRT) had made the assessment and released the patched Photo Station app for the current version within 12 hours.”
Bleeping Computerreports the following security updates that fix the vulnerability:
The best patch management software around right now>QNAP calls on users to update NAS devices immediately>Sorry QNAP customers, you’re under attack again
“We recommend using QuMagie to efficiently manage photo storage in your QNAP NAS”, QNAP added, noting that this is a “simple and powerful alternative to Photo Station.”
Along with keeping their NAS drives up-to-date, QNAP has also advised that its customers avoid directly connecting their devices to the Internet. By placing a drive behind a firewall - such as the company’s own myQNAPcloud Link feature or a VPN - users can reduce their chances of being subject to a ransomware attack.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Other steps you can take if you are worried that your data may be affected is to take regular snapshots and backups, and to regularly change your password keeping in mind what makes agood password.
ViaBleeping Computer
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
