Deadbolt Ransomware Goes After QNAP NAS Devices

ransomware

QNAP Network Attached Storage (NAS) devices are once again under attack by ransomware. This time, the criminals are using a piece of malware known as the DeadBolt Ransomware. Unfortunately, it appears to be impossible to decrypt via free tools, and victims might have a hard time restoring the data on their QNAP devices. Currently, the only viable way to undo the damage that the DeadBolt Ransomware does is to restore from a backup.

When the DeadBolt Ransomware infiltrates a QNAP NAS device, it will immediately launch a file-locking attack. During this process, it will attempt to encrypt as many files as possible, appending the '.deadbolt' extension to their name. It then hijacks the device's login page, and replaces it with a pre-made message, which contains the ransom note. Victims are told to pay a ransom fee of 0.03 Bitcoin (about $1,100 for the decryptor.)

It appears that the DeadBolt Ransomware are targeting QNAP devices specifically, and they might be using an unknown exploit. Their ransom message also includes a section, which is meant for the QNAP vendor to read. In this excerpt, the criminals make the following proposals:

  • They are willing to disclose the infection vector if QNAP pays 5 Bitcoin (about $184,000.)
  • They will provide a master decryption key that works for all victims in exchange for 50 Bitcoin.

Last but not least, the criminals rely entirely on the Bitcoin network to communicate with their victims or QNAP. They ask to receive a transaction first, and claim to then send another transaction, which contains the instructions. Victims of the DeadBolt Ransomware are advised to refrain from paying the ransom fee, and to explore alternative data recovery options.

By Ruik
January 27, 2022
Ransomware
English
January 27, 2022
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Ransomware

The Qlocker Ransomware Targets QNAP Devices

Over the past year, QNAP devices have become the target of multiple large-scale attack campaigns carried out by anonymous cybercriminals. Many of these attacks involved the use of file-encryption Trojans and,... Read more

April 22, 2021
Malware

oom_reaper Malware Discovered on QNAP NAS Devices

Malware has gone a long way in the past decade. Before, most malware was focused on harvesting information, spying users, or damaging their files. And while many modern malware families still do this, there are also... Read more

December 9, 2021
Ransomware

Remove NaS Ransomware

The NaS Ransomware is a dangerous piece of malware that could infect your system. Thankfully, it is easy to keep your computer and data safe – up-to-date antivirus software can fully prevent the NaS Ransomware attack.... Read more

October 13, 2021
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.