Qnap sockets are once again being targeted by hackers. This time the danger comes from a new type of ransomware that goes by the name Deadbolt.
Nas devices from Qnap are popular with hackers. These fish the small servers again with ransomware. This is not new: last year, a leak already aroused the interest of hackers and early this year Qnap already sent out a warning to users. This time a new type of ransomware is involved: Deadbolt.
Deadbolt targets NAS devices accessed unprotected over the Internet. The ransomware encrypts users’ data for ransom, which they must pay in Bitcoin. Deadbolt itself blames Qnap and claims that poor security from the manufacturer allows the malware to penetrate.
Settings
For its part, Qnap advises all users to quickly update to the latest version of the operating system. Furthermore, the manufacturer shares some precautions users can take. For example, you can check if your NAS is accessible via the Internet and if the administrator interface is. Furthermore, Qnap recommends disabling port forwarding for ports 8080 and 443 on your router.
Meanwhile, the popularity of Qnap devices among hackers illustrates that something is not quite right along the lines of Qnap itself. Standard security settings do not necessarily seem adequate. NAS devices from other manufacturers can also be managed via the Internet and the browser, but they are not targeted. Of course, as always, you also have a responsibility as a user. A bad combination of username and password does make it very easy for hackers to gain access.