dosborne wrote: ↑Mon Sep 26, 2022 9:18 pm
It also runs on a schedule, it is OCMPLETELY different from an anti-virus that runs 24/7 to protect you live.
Yes that would normally be the case with antivirus software on client systems.
The AV-software available on the Qnap doesn't do that any more than Malware Remover though. It also only scan files.
RAID have never ever been a replacement for backups. Without backups on a different system (preferably placed at another site), you will eventually lose data!
A non-RAID configuration (including RAID 0, which isn't really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It's your money and your data, spend the storage budget wisely or pay with your data!
Pretty stupid but at the same time, who could have known hackers used a vulnerability i qnap OS to just go straight in and encrypt files just like that.
First time in my life i am infected and also 25 years in IT-Sec makes this quite embarrasing to be honest.
This has been an on-going general security deficiency issue with QNAP for more than seven years now. PhotoStation has had numerous vulnerability over the past few years, this is nothing new when it comes to QNAP and their lack of any sort of basic security.
Last edited by jaysona on Tue Nov 01, 2022 2:49 am, edited 1 time in total.
i have created the .html file and run it and copied one of the deadbolt files to my local pc, selected this within the webpage and it has given me a code so i assume this is were i pay my bitcoin to and wait. if i get a response on the bitcoin site i then use this code on a windows based application and let it run on all the folders i copy onto a spare drive?
also the random 4 number file in mnt/hda_root will not delete or be renamed so it must be still live or running. i checked using shell and got no response on it running but why wont it delete then.
gmcl2k wrote: ↑Tue Sep 27, 2022 2:56 am
also the random 4 number file in mnt/hda_root will not delete or be renamed so it must be still live or running. i checked using shell and got no response on it running but why wont it delete then.
ill have to pay these cnuts the ransom
Not sure, if the file will be deleted or not, but a
should show, if the process is still running (replace #### with the 4 digit number).
Is it really a 4 digit number file? As far as I remember a 5 digit number file was reported by several users.
Anyhow, no matrer if 4 or 5 digits, stop this either by rebooting the NAS or killing the process.
I was hit and like some other morons I had let my USB backup drive attached to my Qnap NAS. Lost so much...so I had to pay. I managed to get my wallet working and paid the 0.05 BTC on Friday 23. September. I have not received the OP_RETURN code yet and I am pretty annoyed if I do not get it. However, I read from somewhere here that somebody got the OP_RETURN after 4 days.
I can see that the amount went through and it was 0.05 but some people have paid a little bit more. I wonder if I have to pay a small amount covering the fee that they pay after my 0.05 BTC payment???
This is where are paid: bc1q4dfdt90pqh64ds2kxnkw5zsuxmm3mwvuwt82vd
What gave me the real creeps is that when I had turned my Qnap NAS off for a couple of times I return the deadbolt index page a couple of times as the NAS started the malware remover apparently. I had the NAS running for a while as there was nothing that had not been encrypted already - nothing to lose anymore. But when I returned the ransomware index page it showed a different wallet account number this time - Yikes! I am not sure if the return code ever comes - Will it work if somehow the deadbolt came twice to my NAS?
I feel very stupid at the moment and I am dependent on the OP_return. I wonder if they have received so many ransom payments if they check those out manually or if they have automation?
Do you more clever guys know if the OP_RETURN is something that they create manually or automatically (iff there is a person responding with the code or if it is part of the blockchain process normally?? Read something that that was very technical and could not understand!
Oh yeah. Qnap has helped me before but I guess that they are tied up with the situation. No response to my support request using their channel through the NAS app.
Hello, I also got hit and now I decided to pay, some important files have been locked also because the backup HDD was connected via USB.
How much more BTC did you send? Is 0,52 BTC sufficient or to much or less?
flocke487 wrote: ↑Thu Sep 29, 2022 12:58 am
Hello, I also got hit and now I decided to pay, some important files have been locked also because the backup HDD was connected via USB.
How much more BTC did you send? Is 0,52 BTC sufficient or to much or less?
You have to check fee charged by Exchange. For example Binance takes about 0.0002 BTC so you have to send ie 0.0502
It was my first time too and on the site I used it was very clear how much the fee was. I just had to send the total required to give 0.05 nett. which was 0.050250
winpeak wrote: ↑Thu Sep 29, 2022 1:57 am
It was my first time too and on the site I used it was very clear how much the fee was. I just had to send the total required to give 0.05 nett. which was 0.050250