| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 150726 | 2022-06-12 01:02:00 | Hacked by Deadbolt! | Jayess64 (8703) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1486792 | 2022-06-12 06:57:00 | Did you try starting without the hard drives? that should have worked. I changed my settings as they suggested and enabled 2 factor authentication on mine today. Had to change the time settings on the nas to make it work with Google authenticator. |
dugimodo (138) | ||
| 1486793 | 2022-06-12 11:59:00 | One question that intrigues me is "Why me?" I don't really think I was targeted, so do the characters behind these events simply flood the web with their product that searches IP addresses for tell-tale signs that identify potential victims?Exactly this. You shouldn't have it exposed to the net. |
fred_fish (15241) | ||
| 1486794 | 2022-06-12 21:50:00 | Sounds painful. I have an up to date backup of both system and data. To restore system without access to PC, I'd just boot off USB stick and tell it to restore the PC. Data, run unzip. Both are stored on 2 separate HDDs, one not attached to anything. |
piroska (17583) | ||
| 1486795 | 2022-06-12 22:05:00 | I see no point in flailing around any further . The NAS is 5 years old, so I will replace it and be bit more aggressive with the protection settings . . Where will you find a consumer grade NAS that is hack proof . . . . . other brands also have had 'issues' Firmware fix's and recommendations to stop deadbolt on ASUSTore's have been out for quite some time . want better protection, then you MUST keep the firmware up to date . For any brand . AND dont open up the firewall router . Ive cleaned up a few ASUStore NAS's that were hacked with Deadbolt . Was a while ago, but Im sure the HD's had to be removed first . Plenty of easy to follow instructions out there . The number 1 thing is NOT to allow internet access to the NAS . Thats for any NAS . Use a VPN if you want to access the NAS from out of the network |
1101 (13337) | ||
| 1486796 | 2022-06-13 06:02:00 | I've had a number of people ask me about what the best Home NAS option is... and up until recently taking into account what their use case is I've recommended proprietary NAS units.... (QNAP/Asustor/Synology etc) for the simple fact that they are reasonably easy to get setup. The downside is price, flexibility and getting locked into the manufacturer's ecosystem and an added level of expopsure to vulnerability exploits. Now... I recommend unRAID and whilst there is a bit of a learning curve it provides a stable network attached storage solution. Obviously, unRAID isn't for everyone and it certainly isn't "the one solution to rule them all" but it comes pretty damned close. Late last year I migrated from a 4-bay QNAP NAS to an unRAID system... I had been planning it for months but thanks to a delay getting the parts for my AMD system it was pushed back. I used my old 8700K/Z370 system for the unRAID setup. Things to consider with unRAID. It is not free - the lowest tier for 6 disks is US$59, US$89 for 12 and $US129 for unlimited. You license is tied to the USB thumb drive it is installed on - there are ways to move your license to a new drive should it fail. The community forum and the unRAID support team is pretty good. There is a certain amount of time you have to invest at the start to get things setup.... but once it is, you literally will not have to do anything else, with the exception of updates for the OS and plugins etc or if you add new features. For the best experience, it's a good idea to buy a SATA/SAS HBA (preferably with 2 SAS channels which will allow you to run 8 sata drives and supports "IT Mode") - in liue if this you can use the SATA ports on your motherboard but you will obviously be limited by how many you have. You CAN run the system without a parity drive which means you have no "Redundancy" for a failed disk, this means you can run the system with a single disk and you're good to go. Ideally you'd want at least 2 disks, 1 for parity and 1 to store your actual data. This is the beauty of unRAID, you can start with a single drive if you want (obviously your data is at risk with a single disk) but best option is 2 disks but you can simply just add more drives as required. One thing to remember is that to maintain parity/redundancy, make sure your parity disk/disks is at least the same size or larger than the largest "data" disk you are running. If you want to look into a flexible, multi-function storage solution which offers other features such as running VM's and docker containers then unRAID is worth looking into. |
chiefnz (545) | ||
| 1486797 | 2022-06-13 08:20:00 | The OP said it wasn't open to the Internet. But many here have been telling him it shouldn't be open to the Internet. This is confusing. Can someone explain this inconsistancy? I have an older WDMYCLOUD that is vulnerable but WD have told us to cut access to the Internet which is the case with my NAS. So, am I still vulnerable? |
linw (53) | ||
| 1486798 | 2022-06-13 09:27:00 | You don't get Deadbolt if it's not accessible from the internet. Either it was opened up and forgotten, or the router has had uPnp turned on and it exposed him automatically. |
fred_fish (15241) | ||
| 1486799 | 2022-06-13 19:32:00 | Thanks for your reply, fred_fish. That's reassuring. | linw (53) | ||
| 1486800 | 2022-06-13 22:14:00 | Looking at the Asustore Forum & reddit , it looks like another round of attacks on Asustor NAS's Many peoples Asustor NAS's are getting hacked, again. Even those who updated their firmware with the security fixed firmware |
1101 (13337) | ||
| 1486801 | 2022-06-16 10:50:00 | Welcome to the Internet of Sh!t... | Agent_24 (57) | ||
| 1 2 3 | |||||