DeadBolt Ransomware Provides Special Service for 50 Bitcoin


If security experts think they’ve seen it all, they’re guaranteed to be in for a surprise. As in the case of ransomware called DeadBolt, where the extortionists go straight to the top and offer a master key for 50 Bitcoin. At first glance, this is a fairly standard crypto-malware that specifically infects NAS systems from the manufacturer QNAP and encrypts the data stored there.

Affected users will then first receive the usual message from the extortionists, offering the recovery of the data with an associated key if they transfer bitcoin worth just over a thousand dollars. However, the criminals’ offers are less common, according to a report from bleeding computer appears. For example, they offer to provide details about the zero-day vulnerability exploited by the malware in the QNAP firmware for a payment of 5 bitcoins, which are worth just over $180,000 at the current rate.

In addition, however, they also allow the manufacturer of the NAS systems to do the whole thing at once for all their customers: according to them, there is a master key for encryption by the DeadBolt ransomware that works on all affected systems.

The blackmailers would betray them if the company transferred a full 50 bitcoins, which in today’s terms equates to at least $1.85 million. From the point of view of criminals, this seems like a perfectly adequate solution. While most ransomware groups still offer some form of contact options, DeadBolts does not. Contact with the attackers is therefore only possible in the form of bitcoin transfers, with which the response in the form of the decryption key is then returned in the OP-RETURN field.