October 11, 2024

Taiwanese network-attached storage (NAS) devices maker QNAP on Thursday warned its customers of a fresh wave of DeadBolt ransomware attacks.

The intrusions are said to have targeted TS-x51 series and TS-x53 series appliances running on QTS 4.3.6 and QTS 4.4.1, according to its product security incident response team.

“QNAP urges all NAS users to check and update QTS to the latest version as soon as possible, and avoid exposing their NAS to the internet,” QNAP said in an advisory.

This development marks the third time QNAP devices have come under assault from DeadBolt ransomware since the start of the year.

In late January, as many as 4,988 DeadBolt-infected QNAP devices were identified, prompting the company to release a forced firmware update. A second uptick in new infections was observed in mid-March.

DeadBolt attacks are also notable for the fact that they allegedly leverage zero-day flaws in the software to gain remote access and encrypt the systems.

According to a new report published by Group-IB, exploitation of security vulnerabilities in public-facing applications emerged as the third most used vector to gain initial access, accounting for 21% of all ransomware attacks investigated by the firm in 2021.