Best Asustor confirmed to be the victim of Deadbolt ransomware
ASUS subsidiary Asustor Inc. was reported to
have been hacked, causing its network storage device (NAS) to be kidnapped by
the deadbolt blackmail virus. Asustor confirmed the incident in a press release,
stating that the team is investigating the root causes and solutions of the
blackmail virus.
Asustor, which was founded in August 2011, is
an ASUS subsidiary that was directly invested in and established. With the
meaning of "ASUS storage," it establishes its own brand
"Asustor," focusing on NAS design and R&D and integration of
related hardware, firmware, and applications.
According to an Asustor official, in response
to the deadbolt, my suitor has temporarily suspended Com DDNS service. The team
investigates the underlying causes and solutions to the blackmail virus.
The news media According to Tom's hardware, the
deadbolt kidnapping attack method hasn't changed much. It mostly infiltrates
the victim's device from the outside, then encrypts the user's data and
requests bitcoin in exchange for redemption.
If a user discovers that his NAS has been
kidnapped and attacked by deadbolt, Asustor recommends that he unplug the
network cable and turn it off first (press the power switch for 3 seconds until
you hear the beep), and then leave personal information to Asustor's
technicians, who will be contacted further.
Asustor also reminded users that in order to
protect their data and avoid a deadbolt kidnapping attack, they should change
the default ports such as ADM 8000 and 8001 and Web Services 80 and 443, close
the EZ connect service, and immediately back up their data. Disable the SSH and
SFTP services if you don't need them.
At the moment, the attacker has not requested a
ransom from Asustor but may use the same blackmail method as Unicom, that is,
pay five bitcoins and reveal the details of the attack vulnerability to Asustor
for them to repair; another option is to pay 50 bitcoin. The hacker will send a
set of general unlocking passwords to the company, which will process all
injured users' NAS devices at the same time. However, it is believed that some
victims were blackmailed and asked to pay 0.03 bitcoin (approximately $1154).
Asustor has yet to issue a statement regarding
the deadbolt attack. The best way to deal with it now is to turn off the NAS
system and wait for Asustor to repair it. Some users claim that some models,
such as as6602t, as-6210t-4k, as5304t, as6102t, or as5304t, are not infected;
other models affected are as5304t, as6404t, as5104t, and as7004t.
Vinchin Backup & Recovery is the world's most
easy-to-use, flexible and reliable cloud backup solution, which supports
most of the virtualization environments. Vinchin supports the world’s most mainstream virtual environments including
VMware, XenServer/XCP-ng, Hyper-V, RHV/oVirt, OpenStack, Sangfor HCI, Oracle
Linux Virtualization Manager and Huawei FusionCompute(Xen Based). It prevents
the loss of critical business data due to human misoperation, viruses, attacks,
hardware failures, natural disasters, wars, etc. It now supports Chinese,
English, German, Czech, etc. languages. By utilizing oVirt VM backup, instant VM recovery
and granular restore features, you can fully ensure the high recoverability of
your critical data in oVirt VMs and absolute business continuity.
Comments