QNAP 'thoroughly investigating' new DeadBolt ransomware attacks


Level 78
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Network-attached storage (NAS) vendor QNAP once again warned customers on Friday to secure their devices against a new campaign of attacks pushing DeadBolt ransomware.

The company is urging users to update their NAS devices to the latest firmware version and ensure they're not exposed to remote access over the Internet.

"QNAP recently detected a new DeadBolt ransomware campaign. According to victim reports so far, the campaign appears to target QNAP NAS devices running QTS 4.x," QNAP said today.

"We are thoroughly investigating the case and will provide further information as soon as possible."

This warning follows multiple three other alerts the company has issued since the beginning of 2022 [1, 2, 3], all advising users to keep their devices up to date and not expose them to Internet access.
The company "strongly" recommends that all users immediately update the QTS or QuTS hero operating systems on their NAS devices to the latest version.

As QNAP said, upgrading the firmware on a compromised device will allow the built-in Malware Remover app to automatically quarantine the DeadBolt ransom note known to hijack the login page.

QNAP also advises those who cannot locate the ransom note after upgrading the firmware to enter the DeadBolt decryption key to reach out to QNAP Support for assistance.

However, before contacting QNAP's customer service, you should first try restoring the DeadBolt page using the steps detailed on this support page.

Because QNAP devices are also being targeted with other ransomware strains, including Qlocker and eCh0raix, all owners should keep their devices up to date to secure their data from future attacks.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.