QNAP warns NAS users of DeadBolt ransomware, urges customers to update

Taiwanese network-attached storage giant QNAP urged its customers to update their systems this week after the DeadBolt ransomware was discovered targeting all NAS instances exposed to the internet.

“QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP NAS and routers, and immediately update QTS to the latest available version,” the company said in a statement. 

Attached to the statement is a detailed guide for customers, noting that if you go to the Security Counselor on your QNAP NAS and see “The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP” on the dashboard, you are at high risk. 

“If your NAS is exposed to the Internet, please follow the instructions below to ensure NAS security: Go to the management interface of your router, check the Virtual Server, NAT or Port Forwarding settings, and disable the port forwarding setting of NAS management service port (port 8080 and 443 by default),” the company said. 

“Go to myQNAPcloud on the QTS menu, click the “Auto Router Configuration”, and unselect “Enable UPnP Port forwarding.”

Two days ago, dozens of people took to QNAP message boards and Reddit to say they logged

Read More: https://www.zdnet.com/article/qnap-warns-nas-users-of-deadbolt-ransomware-urges-customers-to-update/#ftag=RSSbaffb68