The Taiwanese company QNAP cautions customers about DeadBolt ransomware attacks upon exploiting a zero-day vulnerability in Photo Station. QNAP detected the issue on September 3.
In its security bulletin, QNAP explains that the ransomware exploits this vulnerability to compromise NAS directly connected to the Internet, and then encrypt the data.
For a functioning decryptor, DeadBolt often requested a payment of little over $1,000 from victims of these attacks.
Security Updates Are Available
QNAP released security updates for Photo Station twelve hours after its detection. It is advised for NAS users to immediately update to the most recent version. Fixed versions are listed as:
- QTS 5.0.1 – Photo Station 6.1.2 and later
- QTS 5.0.0/4.5.x – Photo Station 6.0.22 and later
- QTS 4.3.6 – Photo Station 5.7.18 and later
- QTS 4.3.3 – Photo Station 5.4.15 and later
- QTS 4.2.6 – Photo Station 5.2.14 and later