ninja issen – ninja issen
[ad_1]
The attack infects the user’s NAS and proceeds to encrypt its contents, leaving each user with a message pointing towards a unique Bitcoin address. The offer: receive the decryption key in exchange for 0.03 Bitcoin (~$1,102, ~€976) – the same value asked at the time of the QNAP attack. Curiosamente, Asustor doesn’t seem to have received the same offer the perpetrators put forward to QNAP: 5 Bitcoin (~$183,906, ~€162,267) in return for information for the exploit data (€162,799) – or a universal decryption key for all affected users for 50 Bitcoin (~$1,8 million). That last bit there serves to put pressure on the company to pay up for the affected users, which could put pressure on it to take the deal.
For now, Asustor hasn’t issued any guidance to affected users other than them disconnecting their NAS from the networks until the company releases a fix (which form exactly this fix will take is a mystery). It’s speculated that the hackers gained access to the Asustor NAS products via their EZ Connect utility. And apparently Asustor’s own product demo was hosted in a now compromised storage solution, as its Asustor Data Master (ADM) Live Demo has been brought down.
An official listing of affected products isn’t currently available. Sin embargo, affected users have collated a listing of sorts according to their own reports. In them, affected models so far seem to be restricted to the AS5304T, AS6404T, AS5104T, and AS7004T NAS devices. Otros, such as the AS6602T, AS-6210T-4K, AS5304T, AS6102T, or AS5304T, are (at least so far) free of infection reports. Users within the forums are recommending that other Asustor-deploying consumers disable the EZ Connect utility, automatic updates and SSH, alongside blocking all NAS ports and only allowing connections from within the users’ network.
[ad_2]