我們使用 cookie 來幫助我們改善網頁體驗。請閱讀我們的 Cookie 政策

AS-2022-008: ADM: DeadBolt ransomware

2022-06-14

Severity

Critical

Status

Resolved


Statement

An emergency update to ADM is provided in response to new Deadbolt ransomware affecting ASUSTOR devices. ASUSTOR urges all users to install the latest version of ADM as soon as possible to protect themselves and minimize the risk of a Deadbolt infection. ASUSTOR also recommends taking measures to guard against the potential harms of Deadbolt in accordance with the previously announced protective measures.


Affected Products

Product Severity Fixed Release Availability
ADM 4.0 Critical Upgrade to 4.0.5.RUE3 or above.
ADM 3.5 Critical Upgrade to 3.5.9.RUE3 or above.

Recommendation

In response to ransomware attacks, ADM firmware has been upgraded to fix related security issues.

ASUSTOR strongly recommends taking the following actions to ensure your data is secure:

  • Change your password.
  • Use a strong password.
  • Change default HTTP and HTTPS ports. Default ports are 8000 and 8001 respectively.
  • Turn off Terminal/SSH and SFTP services and other services you do not use.
  • Make regular backups and ensure backups are up to date.

Keep your ASUSTOR NAS up to date as updates provide security fixes.

Click here to read more about how to protect your data from ransomware.


If you've been affected by ransomware, please click here to read more about how to update ADM.


Detail

  • The new DEADBOLT ransomware started to attack certain ASUSTOR NAS devices on June 10. The ransomware encrypts files, renames them with a .deadbolt extension and hijacks the ADM login page with a ransom note.

Reference


Revision

Revision Date Description
1 2022-06-10 Initial public release.
2 2022-06-14 Release ADM 4.0.5.RUE3 and ADM 3.5.9.RUE3 to fix the issue, quarantine the ransom note and recover the ADM login page.