[RANSOMWARE] >>READ 1st Post<< Deadbolt

[dolbyman]

But I wanna expose my services..wannaaaaa

Malware makers love this guy...

[vwr18]

Ok guys and girls need to ask this to whom has paid the ransom did you pay 0.0300 btc and then the 0.0005460 btc for commission or just one transatction of 0.03005460 btc. only asking as this is a lot of money to get wrong and not get a key in the end.

Also can I enter the key once I do have it on the Qnap without any internet or network plugged (just an offline laptop on an 5 port hub) into it to start and complete the decryption of the files?

thanks

[dolbyman]

Have you even tried to search the thread ?

viewtopic.php?f=45&t=164797&p=809075&hilit=paid#p809075
viewtopic.php?f=45&t=164797&p=808762&hilit=paid#p808762
viewtopic.php?f=45&t=164797&p=808711&hilit=paid#p808711
viewtopic.php?f=45&t=164797&p=808699&hilit=paid#p808699
viewtopic.php?f=45&t=164797&p=808629&hilit=paid#p808629

[vwr18]

I have read every page on this topic before i posted my question but no one said that you must pay in all in one go or in 2 payments so that account is up to required capacity, also if decryption works offline completely as my device is just running off power no network connection to it at all. sorry for if any stupid question I was asking I was nowhere up to speed on how bitcoin works until last 6 hours of today.

[zagi988]

But I wanna expose my services..wannaaaaa

Malware makers love this guy...

What's the point of having a NAS that can be released online if I can't use it that way? Seems to me that simple htpasswd index folder is more secure than QNAP.

[dolbyman]

The purpose of a NAS is to serve files in your LAN. All the "private cloud" stuff was just introduced to sell more units to users who only see ad promises but have no idea what it means in real life.

Keep you NAS in your LAN .. easy

[zagi988]

Yeah, that's how I'm using it now... And accessing the files using https://github.com/filebrowser/filebrowser/ that is running on my home server. It's also a ton faster than TS-412
Oh well, we'll keep it offline. At least HBS is still doing the backups and Download station works.

[PhilD]

Neither of my NAS units did a forced update. The newer one wanted a firmware update Tuesday or Wednesday which I did. Currently neither are hacked, but I have some concerns about the older NAS. Both NAS units have been disconnected as of today from QnapCloud as it is not necessary at this time for any remote file access. All UPnP has been turned off on both, and neither have any ports forwarded.

I have 2 Qnap rack NAS units, and is updated according to the firmware check,
Model: TVS-1271U-RP
Current firmware version: 5.0.0.1891 (don't know the build but NAS is set to auto check for updates and claims it is current)

The older NAS rarely receives firmware updates from QNAP and when it does it's usually quite some time after the current firmware updates even if it is security related.
Model: TS-EC879U-RP Current firmware version: 4.3.6.1907

Best info I can find is the following
The following versions of the operating system are not affected with nothing mentioning the 4.3.6.1907 version or other older versions as being affected or not:
QTS 5.0.0.1891 build 20211221 and later.
QTS 4.5.4.1892 build 20211223 and later.
QuTS hero h5.0.0.1892 build 20211222 and later.
QuTScloud c5.0.0.1919 build 20220119 and later.

Is there no way to install newer firmware versions (4.5.4.1892 or even 5.0.0.1891) of firmware on older (TS-EC879U-RP) systems? The older NAS is the better performing most trouble free of the two and it's not going to be retired. It seems looking at the board layout there is no reason except maybe the DOM is too small, other than an arbitrary planned obsolescence to not allow updates.

[dolbyman]

As long as you do not forward any ports to your NAS units, you are not at risk from the current malware waves .. just keep it that way

[zagi988]

As long as you do not forward any ports to your NAS units, you are not at risk from the current malware waves .. just keep it that way

Reading this seems like using myQNAPcloud link is ok as long as there are not any port forwards.

[dolbyman]

So far we know of no issues with this service .. but I'd rather use my own VPN access to reach my NAS from WAN

[PhilD]

Thanks, I think I'm good with what I have done even if the older NAS is not able to update. I never need the myQNAPcloud anymore so turning it off on both devices I think is best.

[pedroa]

The purpose of a NAS is to serve files in your LAN. All the "private cloud" stuff was just introduced to sell more units to users who only see ad promises but have no idea what it means in real life.

Keep you NAS in your LAN .. easy

Wait... so what you are saying is that a NAS is basically... a shared external USB drive with a network cable?

If you told me that earlier, I would have saved a bunch of money.

In real life people expect the ad promises to be fulfilled.

Since I am a bit skeptic of secure ad promises, I keep pilling up IP filters on layers of firewalls, and updates.qnap.com, and downloads.qnap.com are now on my radar of untrust, which is crazy because with earlier attacks, the attackers messed the etc/hosts so that the equipment didn't update on purpose. And now we don't know if that's is not actually a good idea.

Good luck to all you people out there ( me included )

[Ninecows80]

The purpose of a NAS is to serve files in your LAN. All the "private cloud" stuff was just introduced to sell more units to users who only see ad promises but have no idea what it means in real life.

Keep you NAS in your LAN .. easy

Well… no. Of course normal users won’t know. That was just the main selling point that I would be able to access and upload files from my phone. Of course I should have known better. Stupid me for not having a degree in computer science, but just wanting to be able to access my 9TB of movies, photos and music on the go.

So happy that you are here to tell us that we were all just so stupid that we fell for that marketing gimmick.

This is not your local car dealer. This is an international company shipping millions of units. Apparently qnap was not prepared and up to the task. I learned that the hard way. Fine. Hopefully they will take responsibility and find a solution so people can recover their files.

[zagi988]

Finally someone who said it right. If I wanted NAS to be local I'd just run samba from any cheap ** computer and it works just fine.