QNAP Warns of New DeadBolt Ransomware Attacks Exploiting Photo Station Flaw

QNAP has issued a new advisory urging users of its network-attached storage (NAS) devices to upgrade to the latest version of Photo Station following yet another wave of DeadBolt ransomware attacks in the wild by exploiting a zero-day flaw in the software.

The Taiwanese company said it detected the attacks on September 3 and that “the campaign appears to target QNAP NAS devices running Photo Station with internet exposure.”

The issue has been addressed in the following versions –

QTS 5.0.1: Photo Station 6.1.2 and later
QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later
QTS 4.3.6: Photo Station 5.7.18 and later
QTS 4.3.3: Photo Station 5.4.15 and later
QTS 4.2.6: Photo Station 5.2.14 and later

Details of the flaw have been kept under wraps for now, but the company is advising users to disable port forwarding on the routers, prevent NAS devices from being accessible on the Internet, upgrade NAS firmware, apply strong passwords for user accounts, and take regular backups to prevent data loss.

The latest development marks the fifth round of DeadBolt attacks aimed at QNAP appliances since January 2022, followed by similar incursions in March, May, and June.

According to the latest stats compiled by Censys, a search engine for IoT devices and internet assets, DeadBolt has compromised around 17,813 devices as of September 5, with infections jumping from 7,748 on September 1 to reach a high of 19,029 on September 4.

A majority of the hacked devices are located in the U.S. (2,385), Germany (1,596), Italy (1,293), Taiwan (1,173), the U.K. (1,156), France (1,069), Hong Kong (995), Japan (962), Australia (684), and Canada (646).

“QNAP NAS should not be directly connected to the Internet,” the company said. “We recommend users to make use of the myQNAPcloud Link feature provided by QNAP, or enable the VPN service. This can effectively harden the NAS and decrease the chance of being attacked.”

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

https://thehackernews.com/2022/09/qnap-warns-of-new-deadbolt-ransomware.html

Leave a Comment Cancel Reply

London, GB

8:48 am, Jul 7, 2025

14°C

L: 13° | H: 14°

Feels like 13°C° broken clouds

Humidity: 89 %

Pressure: 1010 mb

Wind: 9 mph N

Wind Gust: 0 mph

UV Index: 0

Precipitation: 0 mm

Clouds: 75%

Rain Chance: 0%

Visibility: 10 km

Sunrise: 4:52 am

Sunset: 9:18 pm

DailyHourly

Daily ForecastHourly Forecast

Today 10:00 pm

13° | 14°°C 1 mm 100% 11 mph 89 % 1014 mb 0 mm/h

Tomorrow 10:00 pm

13° | 24°°C 0.2 mm 20% 11 mph 76 % 1020 mb 0 mm/h

Wed Jul 09 10:00 pm

15° | 24°°C 0.35 mm 35% 5 mph 68 % 1023 mb 0 mm/h

Thu Jul 10 10:00 pm

18° | 31°°C 0 mm 0% 7 mph 75 % 1024 mb 0 mm/h

Fri Jul 11 10:00 pm

19° | 29°°C 0 mm 0% 10 mph 61 % 1023 mb 0 mm/h

Today 10:00 am

14° | 16°°C 1 mm 100% 11 mph 89 % 1011 mb 0 mm/h

Today 1:00 pm

17° | 23°°C 0.7 mm 70% 11 mph 73 % 1011 mb 0 mm/h

Today 4:00 pm

18° | 21°°C 0 mm 0% 10 mph 56 % 1012 mb 0 mm/h

Today 7:00 pm

21° | 21°°C 0 mm 0% 6 mph 41 % 1013 mb 0 mm/h

Today 10:00 pm

17° | 17°°C 0 mm 0% 10 mph 51 % 1014 mb 0 mm/h

Tomorrow 1:00 am

16° | 16°°C 0.2 mm 20% 10 mph 72 % 1015 mb 0 mm/h

Tomorrow 4:00 am

13° | 13°°C 0 mm 0% 11 mph 76 % 1015 mb 0 mm/h

Tomorrow 7:00 am

13° | 13°°C 0 mm 0% 9 mph 73 % 1017 mb 0 mm/h

Name	Price	24H (%)
Bitcoin(BTC)	€92,488.30	0.81%
Ethereum(ETH)	€2,184.74	2.13%
Tether(USDT)	€0.85	-0.01%
XRP(XRP)	€1.93	1.89%
Solana(SOL)	€128.92	2.54%
USDC(USDC)	€0.85	-0.01%
Dogecoin(DOGE)	€0.146931	5.57%
Shiba Inu(SHIB)	€0.000010	2.10%
Pepe(PEPE)	€0.000008	3.46%

QNAP Warns of New DeadBolt Ransomware Attacks Exploiting Photo Station Flaw

Share:

Leave a Comment Cancel Reply

Utility link

Useful link

Newsletter

Follow Us