{"id":3541,"date":"2022-01-26T10:54:06","date_gmt":"2022-01-26T09:54:06","guid":{"rendered":"https:\/\/sajberinfo.com\/2022\/11\/21\/text-82\/"},"modified":"2022-12-04T13:25:29","modified_gmt":"2022-12-04T12:25:29","slug":"deadbolt-ransomware-napada-qnap-nas-uredjaje","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2022\/01\/26\/deadbolt-ransomware-napada-qnap-nas-uredjaje\/","title":{"rendered":"DeadBolt ransomware napada QNAP NAS ure\u0111aje"},"content":{"rendered":"<div id=\"attachment_3597\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-3597\" class=\"size-full wp-image-3597\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/qnap-3-1024x768-1.jpg\" alt=\"DeadBolt ransomware targets QNAP devices\" width=\"1024\" height=\"455\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/qnap-3-1024x768-1.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/qnap-3-1024x768-1-300x133.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/qnap-3-1024x768-1-768x341.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/qnap-3-1024x768-1-18x8.jpg 18w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-3597\" class=\"wp-caption-text\"><em>DeadBolt<\/em> ransomware<\/p><\/div>\n<p class=\"MsoNormal\" style=\"text-align: left;\"><span style=\"font-size: 14pt;\">Internet stranica <em><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-deadbolt-ransomware-targets-qnap-devices-asks-50-btc-for-master-key\/\" target=\"_blank\" rel=\"noopener\">BleepingComputer<\/a><\/em>j e ju\u010de objavila da <em>DeadBolt ransomware<\/em> napad na <em>QNAP NAS <\/em>ure\u0111aje uz pretpostavku da se radi o <em>zero-day<\/em> ranjivosti ure\u0111aja. Napadi na korisnike su po\u010deli 25. januara, a korisnici na ure\u0111ajima pronalaze enkriptovane dokumente sa ekstenzjiom \u201c<em>.deadbolt<\/em>\u201d. Umjesto uobi\u010dajene poruke u svakom folderu na ure\u0111aju, preuzeta je <em>QNAP<\/em> stranica za prijavu na ure\u0111aj, umjesto koje se prikazuje poruka upozorenja da se radi o\u00a0 <em>ransomware<\/em> napadu i da napada\u010di zahtijevaju 0,03 <em>bitcoin<\/em>-a (oko <i>$<\/i>1.100).<\/span><\/p>\n<div id=\"attachment_3598\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-3598\" class=\"size-full wp-image-3598\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/ransom-note-screen.jpg\" alt=\"Ransom note on the hijacked QNAP login page\" width=\"1024\" height=\"927\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/ransom-note-screen.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/ransom-note-screen-300x272.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/ransom-note-screen-768x695.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2022\/11\/ransom-note-screen-13x12.jpg 13w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-3598\" class=\"wp-caption-text\"><em>DeadBolt <\/em>ransom note, Source: <em><a href=\"https:\/\/twitter.com\/idobitom\/status\/1486065172598853635\" target=\"_blank\" rel=\"noopener\">Twitter<\/a><\/em><\/p><\/div>\n<p class=\"MsoNormal\" style=\"text-align: left;\"><span style=\"font-size: 14pt;\">Kompanija <em>QNAP<\/em> se oglasila danas <a href=\"https:\/\/www.qnap.com\/en\/security-news\/2022\/take-immediate-actions-to-stop-your-nas-from-exposing-to-the-internet-and-fight-against-ransomware-together\" target=\"_blank\" rel=\"noopener\">sa upozorenjem svim korisnicima<\/a> da za\u0161tite svoje ure\u0111aje koji su dostupni preko Interneta. Ukoliko korisnici u <em>Security Counselor<\/em>-u vide poruku: \u201e<em>The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP<\/em>\u201c ure\u0111aj\u00a0 je sa visokim rizikom izlo\u017een napadu. Korisnicima se preporu\u010duje da odmah preuzmu posljednje dostupno a\u017euriranje, kako bi zaustavili <em>DeadBolt ransomware<\/em> napad. Korisnici koji imaju <em>NAS<\/em> ure\u0111aje izlo\u017eene na Internetu bi trebali odmah preuzeti sljede\u0107e korake kao bi se za\u0161titili:<\/span><\/p>\n<p class=\"MsoNormal\" style=\"text-align: left;\"><span style=\"font-size: 14pt;\"><span style=\"font-family: inherit;\">&#8211; Onemogu\u0107iti <em>Port Forwarding <\/em>na ruteru za podrazumijevane portove 8080 i 433.<\/span><\/span><\/p>\n<p class=\"MsoNormal\" style=\"text-align: left;\"><span style=\"font-size: 14pt;\"><span style=\"font-family: inherit;\">&#8211; Onemogu\u0107iti <em>UPnP<\/em> fukciju na <em>QNAP NAS<\/em> ure\u0111ajima tako \u0161to \u0107e u <em>QTS <\/em>meniju oti\u0107i na myQNAPcloud i kliknuti na &#8220;<em>Auto Router Configuration<\/em>\u201c i od\u010dekirati opciju &#8220;<em>Enable UPnP Port forwarding<\/em><i>\u201c<\/i>.<\/span><\/span><\/p>\n<p class=\"MsoNormal\" style=\"text-align: left;\"><span style=\"font-size: 14pt;\"><span style=\"font-family: inherit;\">Korisnci bi tako\u0111er terbali da izsklju\u010de <em>SSH <\/em>i <em>Telnet<\/em>, promjene sistemski port i lozinku za pristup ure\u0111aju. Detaljnije upustvo <a href=\"https:\/\/www.qnap.com\/en\/security-advisory\/nas-201911-01\" target=\"_blank\" rel=\"noopener\">ovdje<\/a>.<\/span><\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>Internet stranica BleepingComputerj e ju\u010de objavila da DeadBolt ransomware napad na QNAP NAS ure\u0111aje uz pretpostavku da se radi o zero-day ranjivosti ure\u0111aja. Napadi na korisnike su po\u010deli 25. januara, a korisnici na ure\u0111ajima&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":3597,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[93,131,132,133,65,64],"class_list":["post-3541","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-malware","tag-nas","tag-qnap","tag-ransomware","tag-rezervna-kopija","tag-sajber-prijetnja"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/3541","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=3541"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/3541\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/3597"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=3541"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=3541"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=3541"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}