Search

What should I do if I found the NAS encrypted by Deadbolt?

Laatst gewijzigd op: 2022-10-06

Applicable Products

  • Security
  • Malware Remover

Detail

You may have received the following message:

Detected high-risk malware. To protect your device, please immediately update the firmware to the latest version, restart the device, and then perform a malware scan to remove the malware.

After investigation, we believe that the attack is related to qsa-22-24.

We strongly recommend performing the following steps:

  1. Take a screenshot of deadbolt ransomware page and save the file to your computer.

  2. Access QTS web interface by adding /cgi-bin/index.cgi after the URL https://NAS_IP or http://NAS_IP:8080.
    (for example the NAS has IP address has 192.168.0.2 , using https://192.168.0.2/cgi-bin/index.cgi or http://192.168.0.2:8080/cgi-bin/index.cgi)

  3. Log in to QTS as an administrator

    1. Go to myQNAPcloud app > Auto Router Configuration, disable Auto Router Configuration.
    2. Open App Center, upgrade all the apps to latest version and install Malware Remover if not installed.
    3. Open Malware Remover, click "Start Scan" and wait for Scan Complete
    4. Upgrade the NAS firmware to the latest version use QTS web interface via Control Panel > Firmware Upgrade.

  1. To maximize security, disable port forwarding to stop exposing the NAS to the internet and follow the best practice of enhancing NAS security.

Further Reading



Was dit artikel nuttig?

Ja. Nee.
21% van de mensen vond dit nuttig
Bedankt voor uw feedback.

Vertel ons a.u.b. hoe we dit artikel kunnen verbeteren.

Hieronder kunt u eventuele aanvullende feedback toevoegen.

Kies specificatie

      Toon meer Minder

      Deze website in andere landen/regio's:

      open menu
      back to top