The NAS devices around are often being found vulnerable; then a call comes from companies for patching them immediately. Once again, a new vulnerability was found in NAS devices; this time from QNAP requiring immediate action against ransomware attacks.
TS-x51 and TS-x53 series are vulnerable
The QNAP NAS devices that run QTS 4.3.6 and QTS 4.1.1 software are vulnerable. That includes the TS-x51 and TS-x53 series from QNAP’s product catalog. As those products are attacked, users will be welcomed with a warning in the login interface that demands ransomware in Bitcoin. In that case, all the files in the NAS device are encrypted in the AES128 algorithm and have changed to the .deadbolt extension.
Security researcher Michael Gillespie has published free a decrypting tool for Deadbolt ransomware. However, it currently only runs on Windows devices; the software can’t decrypt the NAS devices. Currently, QNAP urges its customers to patch their products immediately.
Security researchers also recommend users block port forwarding on home routers as well as disable UPnP in the NAS control panels to prevent exposing them to the internet. In addition, toggling off SSH and Telnet connections will be useful.