We have had reports of the ‘Deadbolt’ ransomware affecting kindergartens. The Deadbolt ransomware targets computers and networked attached storage (NAS). Just like your computer, NAS devices should be kept secure by running security updates and turning off vulnerabilities. If your service has a network attached storage device such as a QNAP or other storage device, ensure that you have updated it to the latest version.
Ransomware is malicious software that encrypts files on a victim’s device or drives. The encrypted files are then unusable to anyone without the decryption key. Once the attack starts the ransomware warns the victim on how to pay a ransom in order to unlock their data
On QNAP NAS devices, DeadBolt ransomware hijacks the device’s login page to display a screen stating, “WARNING: Your files have been locked by DeadBolt.” Once activated it encrypts files, and appends .deadbolt extension to the file names.
QNap provided information about this vulnerability here DeadBolt Ransomware – Security Advisory | QNAP including guidance on how to update your QNAP and further steps to secure it as described here: QNAP alerts NAS customers of new DeadBolt ransomware attacks (bleepingcomputer.com)
If you are uncertain that your device is running updated software you are welcome to call and we can assist you.
A QNAP NAS drive:
