I just finish reconfigure two nas...
I am going to configure add more security settings on my ASUS router and NAS.
Router settings
AiProtection - Enable
DNS - Cloudflare
DNS over TLS - Cloudflare
IPv6 - Cloudflare
Firewall -Enable
DOS - Enable
Disable internet connection on two NAS
- NAS settings
Snapshot - daily 12am
Disable all services
Disable Ezconnect
Disable DDNS
Disable registration product
Enable block up 5 times per 1 minute
Change system HTTP & HTTPS Port
Disable Admin account
Hope above setting won't get me attacked again. It's really nightmare
Deadbolt ransomware
-
- Posts: 26
- youtube meble na wymiar Warszawa
- Joined: Fri Aug 05, 2016 11:13 am
-
- Posts: 26
- Joined: Fri Aug 05, 2016 11:13 am
Re: Deadbolt ransomware
ADM 4.0.5.RUE3
Important Announcement:
In response to ransomware attacks, ADM firmware has been upgraded to fix related security issues.
ASUSTOR strongly recommends taking the following actions to ensure your data is secure:
Change your password.
Use a strong password.
Change default HTTP and HTTPS ports. Default ports are 8000 and 8001 respectively.
Turn off Terminal/SSH and SFTP services and other services you do not use.
Make regular backups and ensure backups are up to date.
Keep your ASUSTOR NAS up to date as updates provide security fixes.
Click here to read more about how to protect your data from ransomware.
If you've been affected by ransomware, please https://www.asustor.com/knowledge/detail/?group_id=630 to read more about how to update ADM.
Change log:
Fix security vulnerabilities.
Improved multilingual strings.
Important Announcement:
In response to ransomware attacks, ADM firmware has been upgraded to fix related security issues.
ASUSTOR strongly recommends taking the following actions to ensure your data is secure:
Change your password.
Use a strong password.
Change default HTTP and HTTPS ports. Default ports are 8000 and 8001 respectively.
Turn off Terminal/SSH and SFTP services and other services you do not use.
Make regular backups and ensure backups are up to date.
Keep your ASUSTOR NAS up to date as updates provide security fixes.
Click here to read more about how to protect your data from ransomware.
If you've been affected by ransomware, please https://www.asustor.com/knowledge/detail/?group_id=630 to read more about how to update ADM.
Change log:
Fix security vulnerabilities.
Improved multilingual strings.
-
- Posts: 2
- Joined: Wed Jun 15, 2022 9:32 pm
Re: Deadbolt ransomware
I have a question for someone with more experience. I was affected with Deadbolt and here is what I did:
1. Disconnect the network cable from my router
2. Disconnect WiFi from my laptop
3. Plug the network cable to my laptop
4. I saw the NAS on mu laptop's network, I opened the folders and what I saw some files was not compromise ( as SolidWorks files, Altium files..)
5. I tried to copy these files to my laptop, to save them but the laptop start to work so slow and I disconnected the network cable.
My question is: did I get Deadbolt from my NAS, is my laptop infected now?
Thank you.
1. Disconnect the network cable from my router
2. Disconnect WiFi from my laptop
3. Plug the network cable to my laptop
4. I saw the NAS on mu laptop's network, I opened the folders and what I saw some files was not compromise ( as SolidWorks files, Altium files..)
5. I tried to copy these files to my laptop, to save them but the laptop start to work so slow and I disconnected the network cable.
My question is: did I get Deadbolt from my NAS, is my laptop infected now?
Thank you.
-
- Posts: 3
- Joined: Thu Jun 16, 2022 2:11 am
Re: Deadbolt ransomware
Just your nas that's has its files encryptedztoti wrote:I have a question for someone with more experience. I was affected with Deadbolt and here is what I did:
1. Disconnect the network cable from my router
2. Disconnect WiFi from my laptop
3. Plug the network cable to my laptop
4. I saw the NAS on mu laptop's network, I opened the folders and what I saw some files was not compromise ( as SolidWorks files, Altium files..)
5. I tried to copy these files to my laptop, to save them but the laptop start to work so slow and I disconnected the network cable.
My question is: did I get Deadbolt from my NAS, is my laptop infected now?
Thank you.
-
- Posts: 1
- Joined: Thu Jun 16, 2022 8:43 pm
Re: Deadbolt ransomware
so is there any good instruction to search raid 5 to save files other than booting asustor from usblinux i think if i do it with asus way it contiues encrypyig on bacground am i right?
-
- Posts: 2
- Joined: Wed Jun 15, 2022 9:32 pm
Re: Deadbolt ransomware
I followed the solution as well, but I can't get initialization page. My server is stack without HDD in black screen forever. What should I do?Pilloso wrote:Hello, i followed the solution from Asustor:
https://www.asustor.com/en-gb/knowledge ... oup_id=630
Everything seems fine, but how can I be sure the Nas is clean of viruses?
Is it enough to update ADM, disable services and change ports?
Thanks
-
- Posts: 3
- Joined: Fri Jun 17, 2022 6:13 pm
Re: Deadbolt ransomware
Hello everyone!
I updated ADM to the latest version, entered the control panel, but found that many files have an additional .deadbolt extension and do not open.
Can we hope for real help from Asustor in this matter?
Maybe there are some anti-virus programs for the solution?
I updated ADM to the latest version, entered the control panel, but found that many files have an additional .deadbolt extension and do not open.
Can we hope for real help from Asustor in this matter?
Maybe there are some anti-virus programs for the solution?
-
- Posts: 26
- Joined: Fri Aug 05, 2016 11:13 am
Re: Deadbolt ransomware
Best solution disable internet access to your NAS or buy synology nas..peribo wrote:Hello everyone!
I updated ADM to the latest version, entered the control panel, but found that many files have an additional .deadbolt extension and do not open.
Can we hope for real help from Asustor in this matter?
Maybe there are some anti-virus programs for the solution?
-
- Posts: 3
- Joined: Fri Jun 17, 2022 6:13 pm
Re: Deadbolt ransomware
ov2rey wrote:Best solution disable internet access to your NAS or buy synology nas..peribo wrote:Hello everyone!
I updated ADM to the latest version, entered the control panel, but found that many files have an additional .deadbolt extension and do not open.
Can we hope for real help from Asustor in this matter?
Maybe there are some anti-virus programs for the solution?
This is clear. Are there options for decrypting the affected files?
-
- Posts: 13
- Joined: Sun Oct 04, 2020 2:10 am
Re: Deadbolt ransomware
Buying a Synology NAS is exactly what I did and this is exactly what I'm advising my friends and family to do. I share this issue and direct them to this forum so others are well aware of how poorly Asustor is handling this issue - for the second time. I understand the experts amongst us may disagree and blame the end user but I do not write code/program for a living so I depend on reputable and competent companies to critically evaluate their product or offer a concrete solution once an issue is identified. For those defending Asustor and blaming end users, it's akin to blaming the patient if a surgeon performs the procedure sub-optimally. Guess the patient could have watch You-Tube and done it themselves?ov2rey wrote:Best solution disable internet access to your NAS or buy synology nas..peribo wrote:Hello everyone!
I updated ADM to the latest version, entered the control panel, but found that many files have an additional .deadbolt extension and do not open.
Can we hope for real help from Asustor in this matter?
Maybe there are some anti-virus programs for the solution?