The Taiwanese manufacturer NAS has recently been hit by this type of attack ransomware
. The attackers target the user’s NAS and encrypt its contents. They then send a redemption letter asking for a down payment Bitcoin
Reopen access to this data.
For now, Asustor seems particularly annoyed and has given no instructions other than disconnecting NAS from the Internet. Of course, NAS, which is used exclusively domestically, is unlikely to be affected by what experts call the DeadBolt attack.
Asustor indicates that it is working on a bug fix, and if it’s good to be cautious, the problem seems to be related to the EZ connection tool. Most notably, the demo of the NAS interface on the Asustor site is also affected: this was taken offline by the manufacturer.
No official list of NAS victims of the problem has been released by Asustor. However, it is possible for infected users to install one: AS5304T, AS6204T, AS6404T, AS5104T and AS7004T. Of course, this does not mean that others are safe, and we recommend that all Asustor users disconnect their NAS from the Internet for now.