Qnap Developers Fix 0-Day Vulnerability That Deadbolt Abused

0-day vulnerability in Qnap
Written by Emma Davis

Qnap warned customers about a new wave of DeadBolt ransomware attacks: this time, the malware exploited a 0-day vulnerability in Photo Station, which the developers rushed to fix.

Let me remind you that we also reported that Qnap forces updates to be installed because DeadBolt ransomware hacked 3600 NAS.

The Taiwanese manufacturer reports that the attacks began on September 3, 2022, targeting web-accessible Qnap NAS devices running affected versions of Photo Station.

0-day vulnerability in Qnap
Splash of attacks recorded by Ransomware ID

So far, the problem has been quickly fixed in the following versions:

  1. QTS 5.0.1: Photo Station 6.1.2 and above;
  2. QTS 5.0.0/4.5.x: Photo Station 6.0.22 or higher;
  3. QTS 4.3.6: Photo Station 5.7.18 and above;
  4. QTS 4.3.3: Photo Station 5.4.15 and above;
  5. QTS 4.2.6: Photo Station 5.2.14 and above.

Although the details of the vulnerability itself have not yet been disclosed, the developers urge users to update Photo Station to the latest version as soon as possible. It is also suggested as an alternative to replace Photo Station with the more secure photo management tool QuMagie. In addition, NAS owners are not recommended to connect to the Internet directly:

We recommend using the myQNAPcloud Link feature provided by QNAP or enabling VPN.the company wrote.

Let me remind you that the DeadBolt ransomware has been attacking NAS from various manufacturers since the beginning of 2022. Basically, the ransomware โ€œspecializesโ€ on Qnap devices, but attacks on ASUSTOR NAS have also been detected.

The attackers reported that they were ready to sell the master key, which will help to decrypt the files of all the victims, and sell all information about 0-day in the ASUSTOR NAS for 50 bitcoins, that is, for almost 1.9 million US dollars. Approximately the same requirements attackers tried to put forward and the company Qnap.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply


This site uses Akismet to reduce spam. Learn how your comment data is processed.