弊社のウェブページの改善のためにクッキーを使用しています。弊社のクッキーポリシーをお読みください。

AS-2022-002: ADM: DeadBolt ransomware

2022-03-28

Severity

Critical

Status

Resolved


Statement

An emergency update to ADM is provided in response to Deadbolt ransomware affecting ASUSTOR devices. ASUSTOR urges all users to install the latest version of ADM as soon as possible to protect themselves and minimize the risk of a Deadbolt infection. ASUSTOR also recommends taking measures to guard against the potential harms of Deadbolt in accordance with the previously announced protective measures.


Affected Products

Product Severity Fixed Release Availability
ADM 4.0 Critical Upgrade to 4.0.4.RQO2 or above.
ADM 3.5 Critical Upgrade to 3.5.9.RQO2 or above.

Recommendation

In response to ransomware attacks, ADM firmware has been upgraded to fix related security issues.

ASUSTOR strongly recommends taking the following actions to ensure your data is secure:

  • Change your password.
  • Use a strong password.
  • Change default HTTP and HTTPS ports. Default ports are 8000 and 8001 respectively.
  • Turn off Terminal/SSH and SFTP services and other services you do not use.
  • Make regular backups and ensure backups are up to date.

Keep your ASUSTOR NAS up to date as updates provide security fixes.

Click here to read more about how to protect your data from ransomware.


If you've been affected by ransomware, please click here to read more about how to update ADM.


Detail

  • The DEADBOLT ransomware started to attack certain ASUSTOR NAS devices on February 21. The ransomware encrypts files, renames them with a .deadbolt extension and hijacks the ADM login page with a ransom note.

Reference


Revision

Revision Date Description
1 2022-02-22 Initial public release.
2 2022-02-24 Release ADM 4.0.4.RQO2 and ADM 3.5.9.RQO2 to quarantine the ransom note and recover the ADM login page.
3 2022-03-02 Release ADM 4.0.4.RR23 and ADM 3.5.9.RR23 to enhance the security.
4 2022-03-28 Release ADM 4.0.5.RRS1 and ADM 3.5.9.RRS1 to enhance the security.