Asustor NAS Uninitialized Repair After Deadbolt Ransomware – Getting Back to ADM, Avoiding the Black Threat Screen & Seeing What Remains of your Data

Getting Your Asustor NAS System Up and Running Again After Ransomware Attack

It has now been a few days since the initial attack of Asustor NAS systems by the deadbolt ransomware attack and although full recovery is still not a complete option for a lot of users (without having to take the agonizing step of paying the group for an encryption key – gah!), there have been steps by users, the linux community and Asustor to mitigate some of the damage for some and for those unaffected, allow them to use their systems with a little more confidence and comfort. Below are some instructions that will be of use to users who are currently in the following situations with their Asustor NAS:

  • When the encryption/attack first started (or you first noticed the NAS activity) you powered down your system abruptly and your NAS now shows as Uninitialized’
  • You Have the Asustor NAS working, but are being greeted by the black deadbolt threat screen that you want to navigate around WITHOUT using SSH/Command line
  • You are in either of the above two positions AND you have snapshots or a MyArchive routine setup on your NAS

If any of those three setups are how you would describe the position that you/your Asustor NAS is currently in, then you may well find this guide useful. However, DO remember that you are still dealing with your data and although this guide has been provided for the most part by the band themselves (with additions by myself – Robbie), you should immediately have a backup of your data (even if it’s encrypted in case of a system failure etc) and/or an external drive ready to move any/all data over too. If you caught the ransomware encryption early, then you might still have a  good % of your data still ok. Observing numerous affected machines have shown us that the encryption/changes begin at the system level (ie so it can change the index screen and renaming, etc), so in some cases, some people have reported that they caught it in time for some data to have been RENAMED (i.e the .deadbolt prefix that is affecting access or older structure in some cases) but not actually encrypted. So, this guide is about getting you into a position to access your Asustor NAS GUI and whatever the state of your data is. After that, you may still have no option but to format your system, wait for any kind of brand/community recovery method or (and I do not say this lightly, as the thought of continuing this kind of behaviour is disgusting) pay the ransom to get your data back. I appreciate that this is S&!T but some business users might have little choice. Let’s discuss access recovery options. If you are unaware of everything that has occurred to asustor and the deadbolt ransomware, you can use the attached video below:

Asustor NAS – How to Get Your NAS Running Again If It Is Saying Uninitialized

If you powered down your NAS abruptly when you saw the black threat screen OR unusual activity on your NAS (either by pulling the power cord or holding the power button for 5-10 seconds), then chances are that as the encryption hits the system files first and was in progress, that your NAS is not showing as ‘uninitialized’. This is because the system software is no corrupted. Yesterday Asustor released a new firmware update that closed the vulnerability (they claim, I have not verified personally yet). So, the following steps in the guide using the client desktop software Control Center and an internet connection (can be just on your PC/Mac and you directly connect with your Asustor if you choose) will allow you to access your NAS login GUI.

If you have shut down before, please connect to a network. If you enter the initialization page, please follow the instructions below to update your NAS:

Step 1

  • If you enter the initialization page and have an Internet connection, please press Next.

  • Please click Live update and then click Next.

Step 2

  • If you’re on the initialization screen and not connected to the Internet, please download ADM from ASUSTOR Downloads to your computer.
  • Once done, manually update ADM by uploading the ADM image file from your computer as shown below.
  • Please press Next.

Step 3

  • Update.
  • After the update has completed, you’ll be able to return to ADM.

Asustor NAS – If You Are Still Seeing the Black Threat Deadbolt Ransomware Screen

If you have access to your NAS drive BUT are faced with the black threat login screen replacement that replaced the previous one AND have followed the previous steps to install the latest firmware, the next three steps should allow your to navigate AROUND this and remove it entirely.

If the ransomware page remains after you connect to a network:

  • Please turn off your NAS, remove all hard drives and reboot.
  • When the initialization page appears, reinsert the hard drives.
  • Please follow the instructions above to update your NAS.

Asustor NAS – How to Restore Data with Snapshots, MyArchive Backups or Mirrored Volumes

Now, the next step is not going to be an option for everyone. Once you have logged in and accessed the extent of the file damage by encryption (eg, % of files affected, are they encrypted completely OR just renamed? etc). The following steps will be of use to those of you who are running a BTRFS setup and setup snapshots and/or the MyArchive backup/sync storage service. This part of the guide also includes the means to install a ransomware tool that (I know, ANNOYINGLY) gain access BACK to the black encryption entry screen. So if you have no choice (I am not judging you, the importance of your data is your call) and are going to choose to pay the ransom as it is going to cost you less than not retrieving your data, then you can use this ‘ransomware status’ tool to gain access back to the payment screen, encryption key window and ultimately allows you to pay the hackers. Again, it’s your call.

If you want to restore data and you have more than one volume installed on your NAS, use MyArchive drives, or have previously made Btrfs snapshots, please refer to the following instructions below. Restore all backups that you may have. Alternatively, if you have Btrfs snapshots, use Snapshot Center to restore previous versions of files and erase changes done by ransomware.

If regular backups were not kept and you want to enter the decryption key to retrieve lost data:

  • Please download and install Ransomware Status by sideloading it into App Central.

  • Confirm details and press Install.

  • Wait for installation to complete.

  • Reload the webpage to enter the ransomware screen again. You’ll be able to enter the decryption key.

  • If you want to return to ADM, you can do this in one of three ways. You can add backup.cgi after/portal/ in the address bar of your browser, you can hold the power button for three seconds to shut your NAS down and turn it on again or you may use ASUSTOR Control Center or AiMaster to restart your NAS.

 

  • Afterwards, it is imperative to uninstall Ransomware Status from App Central.

 

📧 SUBSCRIBE TO OUR NEWSLETTER 🔔


    🔒 Join Inner Circle

    Get an alert every time something gets added to this specific article!


    Want to follow specific category? 📧 Subscribe

    This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

    Need Advice on Data Storage from an Expert?

    Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry.

      By clicking SEND you accept this Privacy Policy
      Question will be added on Q&A forum. You will receive an email from us when someone replies to it.
      🔒Private Fast Track Message (1-24Hours)

      TRY CHAT Terms and Conditions
      If you like this service, please consider supporting us. We use affiliate links on the blog allowing NAScompares information and advice service to be free of charge to you.Anything you purchase on the day you click on our links will generate a small commission which isused to run the website. Here is a link for Amazon and B&H.You can also get me a ☕ Ko-fi or old school Paypal. Thanks!To find out more about how to support this advice service check HEREIf you need to fix or configure a NAS, check Fiver Have you thought about helping others with your knowledge? Find Instructions Here  
       
      Or support us by using our affiliate links on Amazon UK and Amazon US
          
       
      Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.

      ☕ WE LOVE COFFEE ☕

       
      locked content ko-fi subscribe

      DISCUSS with others your opinion about this subject.
      ASK questions to NAS community
      SHARE more details what you have found on this subject
      CONTRIBUTE with your own article or review. Click HERE
      IMPROVE this niche ecosystem, let us know what to change/fix on this site
      EARN KO-FI Share your knowledge with others and get paid for it! Click HERE

      ASK YOUR QUESTIONS HERE!

      124 thoughts on “Asustor NAS Uninitialized Repair After Deadbolt Ransomware – Getting Back to ADM, Avoiding the Black Threat Screen & Seeing What Remains of your Data

      1. Any solution for the “Uninitialized” situation? I’ve updated the firmware on my NAS, so it’s not encrypting files anymore, but I still have the “Uninitialized” status. If I initialize the drive, it will erase all data. It’s amazing how little information ASUSTOR has on this attack.
        REPLY ON YOUTUBE

      2. Scary stuff. I have a Synology, but I would never have used EZ Connect anyway just as I would never use Synology Quick Connect, so I imagine the brand doesn’t matter in my case.

        I have ports 80 and 443 forwarded from the router to the NAS, and one Plex port (which I could probably stop, to be honest, as I use Jellyfin now, and I only really have Plex still running for comparison purpose), nothing else if memory serves. I only even forward 80 because everything is set to autoredirect to HTTPS and I’m too lazy to type https:// before URLs.

        My setup is that 80/443 are forwarded to the NAS, and the LSIO swag container on the NAS reverse proxies the request to everything else. I’m not sure if that layer between would obfuscate or help with this etc… but I do this because I don’t want to have to connect my phone to a VPN every time I want it to upload a picture to Nextcloud or something.
        REPLY ON YOUTUBE

      3. My files were all encrypted with this ransomware virus, I was then recommended to this guys on my bio *mouse*⬆️⬆️ who finally helped me to recover my files
        REPLY ON YOUTUBE

      4. My files were all encrypted with this ransomware virus, I was then recommended to this guys on my bio *mouse*⬆️⬆️ who finally helped me to recover my files
        REPLY ON YOUTUBE

      5. he was able to help me track my device from
        dump later, thank you sir. recommendation
        I strongly envy you a message if you have????????
        any lost device you still need????????????????
        ????????????????????
        REPLY ON YOUTUBE

      6. Worker with a reliable hacker is what I think is all over the world and I recommend a hacker parfait who works with good heart and sincerity Dee_hack11 is in Seoul☝️☝️☝️
        REPLY ON YOUTUBE

      7. I was dead in need of my computer. But I could not all because of this virus. I was recommended to #GLOCYBER and he responded to me and helped me fix my laptop.
        REPLY ON YOUTUBE

      8. my files have been encrypted and I thought I would never use them again. My lecturer told me to reach #GLOCYBER and he was able to help me recover my files from the virus. Thanks to him.
        REPLY ON YOUTUBE

      9. *I was hit, so unplugged, shutdown, external USB backs fine. Plex user, was watching at the time no issues, went to update saver denied, then found the splash screen, no on reboot, water gapped on an independent switch no WiFi etc, it instantly goes to initialization. So save to assume the service themselves have been affected. Did safe shutdown. After some time I turn on everything then I found out I’ve been truly hit by deadbolt. I did as many research as I could and I found out that scott can actually decrypt the encrypted files. So I paid some money not upto what deadbolt team are asking, then he decrypted my files*
        REPLY ON YOUTUBE

      10. ????I was so glad when I finally realized and get in touch with Glo Cyber while I used the contact above. He is indeed a genius and his skill are authentic. I rec. everyone to appreciate his efforts.
        REPLY ON YOUTUBE

      11. Is synology also been affected? I see Asustor, qnap, terramaster, but not synology or truenas, truenas i get it since you don’t use a their dedicated cloud, but synology? Does this mean that synology is more secure, or others less?
        REPLY ON YOUTUBE

      12. Has Ausustor come up with a PhotoRec solution like Qnap did yet? Are they even working on that? I have been checking their web site but haven’t even seen mention of this. :/
        REPLY ON YOUTUBE

      13. I really whant to know how and where dit it enter on the NAS, some deadbolted Nas have SSH down, 2FA and hard password (note 2FA activated is also needed for SSH). I also note that as i have ear, that no password was pirated (If it’s true that elimimate the bad or Not enoungh Strong password). Because i Always ear “it’s the user fault”. And i dont think that all true.
        REPLY ON YOUTUBE

      14. Rather than spending a long time trying to retrieve data and risk my NAS being connected to my laptop, I’d prefer to just wipe clean the two drives in my AS6302T NAS and lose the data permanently. Can this be done and the NAS setup anew with clean disks as if they had just been installed? I have a Raspberry Pi with a Linux OS set up on the network as an Apple Airprinter server. Could this be used with a disk caddy connected by USB cable to wipe the disks?
        REPLY ON YOUTUBE

      15. This is a warning to avoid trying to recover from deadbolt Ransomwhere using USA based business found on Instagram, Whats app and this forum . They are know as “900Ethics” in the forums. They offer to restore deadbolt files for a total of $300, then when they have that, they then ask for another $100 for decryption software, then when thats paid they are for a delivery and gas fee of $150, then when thats paid, they say you have paid $550 but others have paid $1000 so 900Ethics say we should pay more also.. These guys are dishonest crooks and scammers..
        REPLY ON YOUTUBE

      16. Luckily I wasn’t infected. But I feel bad for those who were. I applied the patch and changed to all the recommended settings. Now I have a NAS disconnected from the Internet and only on my LAN. Like a glorified bunch of drives. This shows once again that anything connected to the internet needs adequate security. And has to be security patched almost forever. Is it worth it having an internet connected fridge or heating system or smart meter or electric/fuel cell car and so on. I have a lot of doubts. I’m going to try and ignore Solutionism.
        REPLY ON YOUTUBE

      17. I had accidentally knocked the power off of my NAS before the attack. I plugged it back in when I figured it out. Went 2 days before I logged in only to see the splash screen. I was able to get to the main screen and shut it down from my office. Still seems like I lost my data.
        REPLY ON YOUTUBE

      18. Question:
        If I am getting the black ransomware screen and my ssh is disabled, how can I get into the interface to enable ssh and stop the encryption process.
        Also how can we find how much data was encrypted?

        Thanks!
        REPLY ON YOUTUBE

      19. My ASUSTOR was attacked by Deadbolt on 2/22/2022 and 2/23/2022. I get the black deadbolt extortion screen and some but not all of my video files .mkv received the extra deadbolt extension. I can access my ASUSTOR via SSH by logging into admin. However, I do not have the permissions to kill the process and make the change to replace the Index.CGI. Is logging into root different than admin? And when “ssh -l root” it asks if I want to create a finger print type key. Is this what I should do?

      20. How likely is it for a personal Laptop connected to the internet (obviously) being attacked with Ransomware like Deadbolt? Are there any precautionany steps to take to mitigate such risk?

        1. Yes, NAS brands might not be as fast as Windows in order to create a patch. But all software/hardware companies face similar threats to hackers that could use ransomware or other way of harm.
          To keep you data safe you should always have a backup. Simple things like Firewall and Antivirus would slow down/ identify majority of suspicious activity.

      21. I have my 4 drives that are in RAID5 connected to an Ubuntu based PC. The volume mounted itself, there was nothing to be done.
        As I feared, most of my files have been encrypted (about 80%). The worst is, the most important are in that category.
        Anyone has any clue how this could be encrypted?
        REPLY ON YOUTUBE

      22. It’s great news that Asustor came back so quickly with solutions. I am pleasantly surprised they went to the lengths they did to help with the restoring access to ADM to effected customers and then with a decrypting solution. When compared to QNAP, this is a step up on their solution. I guess the reputational damage would be huge, so they did what was right by their customers.

        By the way, I don’t represent Asustor, just giving credit where it’s due.

        The advice from Asustor to protect your device from these types of attacks is good but could be further extended to other controls they failed to mention.

        Since getting my Asustor 6204T a few years ago, I noticed the “Auto Black List” was recording unrecognised attempts on my device (If don’t use Auto Black List, then you should, I believe it’s essential). When I looked into the source of these attacks, they came from China and USA.

        This prompted me to use the “GEO IP Database – by Asustor” (app) which works with the “Black List” in “ADM Defender”. This allows you to Black List continents and regions of the world. In my case I blocked the entire world leaving only my country as permitted access. If I am not travelling abroad then there is no need to provide more than the minimum access. This goes a long way to protecting your device as this hugely reduces the likelihood of attempts on your device. Since then, no unexpected attempts have ever been recorded. (NOTE: If you ever need remote support from Asustor, then you will need to temporarilly permit Taiwan, to allow them access).

        Another prevention measure should be – permanently disabling EZ-connect and Auto Port Forwarding (UPnP) in your router because of the security vulnerabilities they present. Ultimately these features are provide convenience for non-tech savvy users.

        I avoid both these as you can still obtain remote access with a manual setup in ADM and your router.

        To manually assign ports in ADM go to “Settings>Manual Connect>EZ Router>Port Forwarding”. There is no need to use “EZ-Router Setup” which does the setup for you automatically (this kind of works like UPnP but in your NAS).
        On the router side, instead of using UPnP, manually assign port forwarding, which is technically safer. This can be found under “Wan>Port Forwading” in most Asus routers.

        I knew very little about ports, until I learned about the risks of not knowing about them. If this doesn’t quite make sense, you will need to do some research on the vulnerabilites of UPnP, then learn about ports, how they work and how to implement them manually.

        I wrote this because I once lost all my data, so I know how those of you who that have been affected feel – it’s devastating!

        The lesson I learnt from that was to get a robust NAS, which is why I have an Asustor NAS. I implemented a robust back up plan (x3 copies – Raid 1, plus two backups) and utilised all the security measure made available on my NAS. To be frank, Asustor provides enough security measures, but unfortunately, there is a bit of learning and experimentation required to understand and implement them effectively.

        Hope this is of some help.

      23. I got hit with this Deadbolt Ransomware a few days ago. On 24th morning, my internet was down. When the internet came up, I logged on to my laptop and tried to access the ASUSTOR NAS (AS1002T) – I had earlier mapped different volumes on the NAS to different drive letters on the laptop. When I clicked on a mapped drive, I could not access it. Control Centre did not display the device. I thought it has something to do with the internet going down, so I powered down the NAS (may have pressed the button longer than 3 secs). After that the Control Centre displayed the device but with the “Uninitialized” status.

        A few questions:
        1. If I do as the ASUSTOR support suggestions and update the ADM, and bypass the “Uninitialized” status, will the ransomware encryption (that had stopped earlier because of shutdown), start up again? Do I have to do something to stop that?

        2. Will I see the Black screen message after the ADM is updated? If so how to bypass that and access the different volumes to check the status of the files?

        3. At any stage after the ADM update, if I decide that I need to pay the ransom in order to recovery my data, is it possible? Or, the update will do away with that avenue?

        4. Once I am able to see my files, do I need to immediately copy them to another disk drive (external drive attached to my laptop)? If I delay that copy for a few days, will the situation get worse? If so, I need to buy an external drive before I attempt to update the ADM. BTW. I have photos and videos of past 25 years on the NAS, and I do not have a backup of the data for last 3 years, and therefore recovery of as much data as possible, of the last 3 years, is important to me.

        5. If I decide to pay the ransom, how do I pay in Bitcoin? I have never dealt in bitcoins before. BTW. I live in Canada.

        Can the good folks who are knowledgeable on this issue be kind enough to provide some answers, please.
        REPLY ON YOUTUBE

        1. I would like to see a reply to this post. I ripped the power out of my Asustor when I realised what the noise was. I am too afraid to boot it incase the encryption restarts and I can’t quickly kill the process (having never touched ssh in the past). I am assuming my AS5304T (1 Volume, RAID5) is uninitialised.
          * If I reboot my “uninitiallised” NAS will the encryption continue?
          * Will I be able to roll back snapshots?

      24. What are the steps to pay the ransom. Yes I know I’m an idiot I didn’t have a backup. There are 10 years of picture of my kids that mean a lot to us. Once the decryption key is received. Can it be entered with the NAS not connected to the internet? Once it decrypts will it encrypt the files again or do I have time to move my files

      25. I was able to get my NAS unit back on line following the instructions from 1 to 3 however my files all show the deadbolt extension. I tried to rename it back and run it but no luck’. Question I download the Ransomware Status app but Not sure how to use it. Install instructions are not clear.

        How do I use the Ransomware Status app to decrypt my files.

      26. FIXED Please read. A tech was able to get all data back! had the “Unitialized” situation. setup was 4 disks in RAID 10 (2 disks striped and then mirrored to the other two that were stripped. Just take disk one and use “EaseUS” to find the hidden data. Some of it was in folders with correct names and some were not but they did have the file names. I have no idea why this worked with only one disk and still sifting through the files (1000+) to see if they all work. So far so good. I dunno I can’t rap my head around why recovering from only one disk got this much information back. *I never use EaseUS btw. I have RapidSpar but the tech used it. JUST TRY IT! OR I DON’T CARE USE ANY RECOVERY SOFTWARE ON ONE DISK. I really hope this helps someone!
        REPLY ON YOUTUBE

      27. For those who want to know, there is a bit of an update on the “stuck on un-initialised” screen – New ADM version can actually bypass now for some users so you can access ADM and start to see how many files have been encrypted by deadbolt. Hope like me, many got off lightly (only volume 1 effected, but my drives were single volumes not in RAID)
        REPLY ON YOUTUBE

      28. After the attack, we shut down the server with AiMaster. When we opened it again, we got a “Uninitialized” warning in the Control Center application. What are we supposed to do? Not all of our data was encrypted. We do not want our data to be deleted. What should we do?
        REPLY ON YOUTUBE

      29. Sadly I am also affected, and I feel sick and violated. Unlike others, I do not entirely blame Asus but it makes me sad that there are some very clever people in this world who’s morals are such that they feel it is okay to use their skills to take advantage of innocent people. My Asustor has (had?) backups from my PC and from my wife’s MacBook, all my music and over 100,000 digital images (20 years’ worth). I suppose the good news is that my music and all the digital images are safely backed up to an old NAS; I have just checked and all the files are safe. The backups can be rebuilt. I did the safe shut down of my affected NAS, so I will leave it off until the dust settles and advice emerges as to the best way forward.
        REPLY ON YOUTUBE

      30. Fucking Seagulls again. Bastards shit all over everything worse than Pigeons.

        JUST finished transferring a hard drive full of data over to my brand new Asustor NAS that I bought in a large part due to the videos on this channel. We’re going to see if I’m affected here soon after I get all the information I need and have a run at shutting down the offending processes if I log into that black screen. Haven’t even had time to setup a backup of the NAS yet but also haven’t had time to enable remote access or install Plex yet so I’m hoping I haven’t been hit. Wish me luck
        REPLY ON YOUTUBE

      31. I just found out that I have been attacked by the Deadbolt Ransomware. And ALL my files have been effected. Is there anyway to fix this? I have no backup all. Everything I have years and years of data all in my Asustor. This is such a shit situation and Asustor needs to be held accountable!
        REPLY ON YOUTUBE

      32. My Asurtor system was attacked Monday. Luckily I had done a backup last Thursday so I only lost a day worth of work and still have all my files. All I did was reformatting the hdd erasing and going over 7 times to make sure all files were deleted. Back up and a good malware program can save you a lot of $$ and down time..
        REPLY ON YOUTUBE

      33. Will the Asustor hardware run any different Linux OSs? If I just want to build a NAS device can’t I do that with a server version of a different Linux OS? Most of them have some kind of GUI. Just a thought.
        REPLY ON YOUTUBE

      34. I think that a good idea would be that all the files on the NAS are read-only (maybe with some exceptions for logging etc) and if for any reason the device needs to change them, there could be an option to ask you to authorize it.
        REPLY ON YOUTUBE

      35. When I got my AS6510T I turned on all those services just because I wanted to see if there were security issues with them enabled. I had not transferred any data to the NAS yet so there was no data risk. I monitored the logs and within a few days I was getting attempted access from most of the countries where attacks originate like China, North Korea, Russia… etc. I shut down all remote access services and I have not seen a single access attempt since. I think Asustor needs to reassess their security model
        REPLY ON YOUTUBE

      36. I have a Synology but would this affect a backup on an external drive plugged into the Nas? Assuming that this same type of attack might be implemented on Synology Nas systems.

        I’m going to be setting up a backup on my Synology with an external drive so I’m curious if that would be a version of back that you are talking about to help recover your data in this case?
        REPLY ON YOUTUBE

      37. Came across this video whilst reading up on the attack, I have an Asustor, not sure yet if its been effected, as I only accessed it remotely via Android login from work to shut it down. I will be checking it later using these tips and wanted to thank you in advance for your efforts. Hoping all data is OK, and if it is i will be changing all the ports and following your suggestions – Hope everyone else is OK too! Good luck everyone
        REPLY ON YOUTUBE

      38. 20 Years of photos deadbolt locked. Wedding, birthdays, births, holidays. Memories potentially lost forever. I’m beyond gutted and really upset. Of course, I am learning the painful way that if I ever get them back, to have a secondary backup but more than that I am furious as Asustor. If Qnap got hit last month, did they not consider warning the rest of us? I didn’t know about qnap attack until it happen to my asustor.
        Have any Qnap owners got their data back without paying the ransom? I can’t afford $1100 without even the guarantee of the key working.
        REPLY ON YOUTUBE

      39. I got it hit too but all able to access via network share and all backed up all my file so I’m not very worried but the day after my system file got encrypted I guess prolly I did force shutdown, since greeted to initialized the NAS
        REPLY ON YOUTUBE

      40. Gladly I never had remote access or ez-connect enabled and never used plex on it, also when this all started I happened to have my Asustor turned off. With that said, powered on, immediately switched off SSH-connection and swithed https-protocols, seems all good for me luckily. Also, I am using a VPN on my router.
        REPLY ON YOUTUBE

      41. Yep, I got it yesterday thought my NAS was making a lot of noise but had to go to work immediately and forgot to check after, today found my whole NAS locked out. Immediately shut it down, just waiting for Asustor now to come with some more information 🙁
        REPLY ON YOUTUBE

      42. Just a reminder that your dealing with criminal and non-moral people who have no honor. Do not send money , if you send money your a put on a list of naïve people and the will attack again knowing your paying. Just be patient Asustor will find a solution. Also i can access my asustor with my phone app. So my plan is to wait for update and update with my asustor phone app. #iloveseagulls
        REPLY ON YOUTUBE

      43. Apologies for the slightly rushed nature of this video. The Deadbolt ransomware attack on Asustor NAS systems largely kicked off yesterday afternoon and I have been pretty much non-stop on this since then (pulling an all-nighter like the old days!) and assisting a bunch of users, as well as finding out as much as I can and being as noisy as possible to alert any users left who might be targetted. As the video suggests, I will be updating the article on this as more info arrives and if a workable solution appears (I have a deadbolt affected Asustor arriving with me later in the week), I will make a video on this. Otherwise, night night everyone, I am bloody shattered! #Ihateseagulls
        REPLY ON YOUTUBE