NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

funglenn's avatar
funglenn
Luminary
Apr 11, 2019

nampohyu on Readynas

is it possible that this new ransomware virus some how infected my NAS shares? not the shares but linux OS itself? i am runnign 6.6.0
radziuxd's avatar
radziuxd
Aspirant
Apr 14, 2019
Thankfully I keep private files under password on other account so only copies of movies and games have been infected.

My NAS forward 39076, 29897, router forward 22333 and well... yes, NAS was on DMZ.
StephenB's avatar
StephenB
Guru - Experienced User
Apr 15, 2019
radziuxd wrote:
 well... yes, NAS was on DMZ.

So all unsolicited inbound traffic was forwarded to the NAS, including the ports used for SMB.  I think that the DMZ was also the vector for you - since only shares with anonymous read/write were affected.

 

BTW, if nothing on your home network is infected with the malware, then I doubt that the files were actually encrypted - that would require a lot of resources to do remotely.  More likely a hacker would just delete them, and create new stuff that looked encrypted megalocker.

 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More