Do You Have an Asustor NAS, Shut It Down!

Asustor NAS owners on Reddit and the official Asustor forums have been notified that they’ve fallen victim to a DeadBolt ransomware attack.

Asustor NAS

DeadBolt has been in the wild for a while since then, infecting non-protected NAS systems that connect to the Internet. The ransomware has previously destroyed QNAP devices, and it appears that Asustor was next in line to be a victim.

DeadBolt’s method of operation hasn’t changed significantly. The attacker remotely enters the victim’s NAS and then encrypts their data and demands a ransom payment in bitcoins. Each victim is issued an individual Bitcoin address to transfer the money. After the payment is processed, the criminal will send the victim a decryption key that will decrypt the files on the affected NAS system. The perpetrators ask for 0.03 bitcoin, which according to the current exchange rate of $1,154. This is the exact amount the hijackers demanded from their QNAP victims. The group did not offer Asustor anything. With QNAP, the group offered to share the vulnerabilities with Asustor in exchange for 5 bitcoins ($184,000) or even sell the universal master key for decryption at 50 Bitcoins ($1.85 million).

Users of Asustor who synchronize the files on their NAS to cloud services such as Microsoft OneDrive or Google Drive must cut off the link as quickly as is possible. For example, a Redditor posted about how his infected system had pushed protected files onto the OneDrive and Google Drive accounts. Although he could retrieve these files using the first, he couldn’t find any success with the second.

Asustor hasn’t stated its response to the DeadBolt attack. The latest advice is to unplug your NAS device from the Internet and wait for Asustor’s solution. Owners suspect that the DeadBolt could access the system through Asustor’s Easy Connect utility which lets users access the NAS systems from any part of the globe. It’s also funny that the live demonstration of ADM (Asustor Data Master), which is the operating system used by Asustor NAS devices, wasn’t removed from the DeadBolt.


It’s unknown whether the majority of Asustor NAS devices are susceptible to the DeadBolt attack since users report that some models, including the AS6602T, AS-6210T-4K AS5304T, and AS6102T, as well as AS5304T, are not affected by the infection. However, the susceptible models are AS5304T, AS6404T, AS5304T, AS6404T, AS5104T, and AS704T and AS7004T.

Let’s say you’re one of those lucky ones who weren’t infected. If that’s the case, one Redditor suggests taking preventative measures like turning off EZ Connect, automatically updating SSH, blocking all NAS ports on your router, and permitting connections to your network.

FTC: We use income earning auto affiliate links. More.


Latest

Stadia, Google’s foray into cloud gaming, will shut down in January

Google’s latest gaming project has ended in failure. The...

Dyson V12 Detect Slim Review: Why you should Buy

The latest cordless vacuum cleaner from Dyson, doesn't just...

Valve Is Changing Their Steam Sale Schedule: Dates for autumn, winter, and spring

Valve's store confirms when the new Steam Sales are...

Newsletter

Don't miss

Stadia, Google’s foray into cloud gaming, will shut down in January

Google’s latest gaming project has ended in failure. The...

Dyson V12 Detect Slim Review: Why you should Buy

The latest cordless vacuum cleaner from Dyson, doesn't just...

Valve Is Changing Their Steam Sale Schedule: Dates for autumn, winter, and spring

Valve's store confirms when the new Steam Sales are...

Mercedes-Benz’s electric G-Wagen is coming in mid-2024, chairman says

Mercedes-Benz’s electric G-Wagen will arrive in mid-2024, the company’s...
Aizaz khan
Aizaz khanhttps://myelectricsparks.com/aizaz-khan/
Aizaz was the first person to get a byline on his blog on technology from his home in Bannu in 2017. Then, he went on to a career in breaking things professionally at my electric sparks which is where he eventually took over the kit as a hardware editor. Today, as the senior editor of hardware for my electric sparks, he spends time reporting about the most recent developments in the hardware industry and technology. If he's not reporting on hardware or electronics, you'll see him trying to be as remote from the world of technology as possible through camping in the wild.

Stadia, Google’s foray into cloud gaming, will shut down in January

Google’s latest gaming project has ended in failure. The company announced yesterday that its Stadia cloud gaming platform, which lets you stream games like you would...

Dyson V12 Detect Slim Review: Why you should Buy

The latest cordless vacuum cleaner from Dyson, doesn't just clean but also shows you what you’re cleaning The Dyson V12 Detect Slim makes some significant...

Valve Is Changing Their Steam Sale Schedule: Dates for autumn, winter, and spring

Valve's store confirms when the new Steam Sales are coming and advances the dates of all the sales that will take place between now...

LEAVE A REPLY

Please enter your comment!
Please enter your name here