Following yet another wave of DeadBolt ransomware attacks exploiting a zero-day vulnerability in Photo Station, QNAP has released a fresh alert urging users of its network-attached storage (NAS) devices to upgrade to the most recent version of the software.

According to the Taiwanese company, the attacks were discovered on September 3. The campaign appears to target QNAP NAS machines running Photo Station with internet exposure.

The following versions address the issues:

  • QTS 5.0.1: Photo Station 6.1.2 and later
  • QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later
  • QTS 4.3.6: Photo Station 5.7.18 and later
  • QTS 4.3.3: Photo Station 5.4.15 and later
  • QTS 4.2.6: Photo Station 5.2.14 and later

The specifics of the vulnerability are still unknown. In the meantime, the company advises users to disable port forwarding on their routers, prevent NAS devices from being accessed through the Internet, upgrade NAS firmware, use strong passwords for user accounts, and perform regular backups to prevent data loss.

The most recent development marks the fourth round of DeadBolt attacks on QNAP devices since January 2022, which was followed by comparable incursions in May and June.

The manufacturer advised against directly connecting QNAP NAS to the Internet. “We advise users to use the VPN service or use the myQNAPcloud Link feature offered by QNAP. To effectively harden and reduce vulnerabilities of the NAS, use the above procedure.”
