ASUSTOR NAS devices are targeted recently by the DeadBolt ransomware group.
The attackers encrypted the files on an ASUSTOR device and renamed them with .deadbolt file extension.
A ransom note was being displayed on the login screen of the users with a demand for 0.03 bitcoin worth $1150 to receive a decryption key.
Source: https://cyware.com/news/deadbolt-ransomware-eyeing-asustor-devices-5fef8a92
TPRM report: https://scoringcyber.rankiteo.com/company/asustor-inc-
"id": "asu16381322",
"linkid": "asustor-inc-",
"type": "Ransomware",
"date": "02/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Technology',
'name': 'ASUSTOR',
'type': 'Company'}],
'attack_vector': 'Encryption of files and renaming with .deadbolt extension',
'data_breach': {'data_encryption': 'Yes'},
'description': 'ASUSTOR NAS devices are targeted recently by the DeadBolt '
'ransomware group. The attackers encrypted the files on an '
'ASUSTOR device and renamed them with .deadbolt file '
'extension. A ransom note was being displayed on the login '
'screen of the users with a demand for 0.03 bitcoin worth '
'$1150 to receive a decryption key.',
'impact': {'systems_affected': 'ASUSTOR NAS devices'},
'motivation': 'Financial gain',
'ransomware': {'data_encryption': 'Yes',
'ransom_demanded': '0.03 bitcoin worth $1150',
'ransomware_strain': 'DeadBolt'},
'threat_actor': 'DeadBolt ransomware group',
'title': 'DeadBolt Ransomware Attack on ASUSTOR NAS Devices',
'type': 'Ransomware'}