CVE-2020-28188 was fixed very long time ago.
CVE-2022-24989 and CVE-2022-24990 have been fixed in version 4.2.31
viewtopic.php?f=28&t=3187
You may use an outdated TOS version, you need to keep your system up to date and recommended to use a strong password.
Tnas F4-210 got hit with Ransomware by *** By LVT LOCKER ***
Re: Tnas F4-210 got hit with Ransomware by *** By LVT LOCKER ***
To contact our team, please send email to following addresses, remember to replace (at) with @:
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Re: Tnas F4-210 got hit with Ransomware by *** By LVT LOCKER ***
4.2.08 is a very outdated version in 4.x, for security reasons, it is recommended to keep your system up to date.ldingo wrote: ↑26 Feb 2024, 18:55 Same here on a F5-220. I was hit yesterday (25 Feb 2024).
I was running TNAS software 4.2.08 (moved to 4.2.40 after the fact).
The TNAS was running a PLEX server.
While I limited access only to internal network in the configuration I discovered later on that UPnP enabled forwarding port 5443, 8181, 9091 and 8800 in the router (why this?), so the TNAS was indeed exposed even though protected by strong passwords.
No trace of any attack/strange connections from the router logs.
Hope that TOS 5 will be better protected (any info?).
If somebody has any clues on way to decrypt I am ready to try before nuking it and restart from scratch.
To contact our team, please send email to following addresses, remember to replace (at) with @:
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Re: Tnas F4-210 got hit with Ransomware by *** By LVT LOCKER ***
{L_BUTTON_AT}dizzastaffy
Nope my key is different
Re: Tnas F4-210 got hit with Ransomware by *** By LVT LOCKER ***
I got hit by this last night. Is there a fix for this? Or are my files gone for good?
Pretty disappointing.
Pretty disappointing.
Re: Tnas F4-210 got hit with Ransomware by *** By LVT LOCKER ***
My F2-F220 was also infected with ransomware with LVT extension.
I was consulting with a support person about ORICO 3.5 inch HDD case 5 bay mount being unstable.
I was attacked while replacing the TOS with an older version and a newer version as advised.
I think Terra Master has been aware of this problem since 2022.
It seems that owners of older types of NAS were not advised to be careful.
I'm really shocked.
Both F2-F220 and ORICO DS500U3 5 bay are no longer valid.
■Ransomware damage reported on TerraMaster NAS. Call to apply the latest updates
https://pc.watch.impress.co.jp/docs/news/1379713.html
※The text was created using Google Translate.
I was consulting with a support person about ORICO 3.5 inch HDD case 5 bay mount being unstable.
I was attacked while replacing the TOS with an older version and a newer version as advised.
I think Terra Master has been aware of this problem since 2022.
It seems that owners of older types of NAS were not advised to be careful.
I'm really shocked.
Both F2-F220 and ORICO DS500U3 5 bay are no longer valid.
■Ransomware damage reported on TerraMaster NAS. Call to apply the latest updates
https://pc.watch.impress.co.jp/docs/news/1379713.html
※The text was created using Google Translate.
Re: Tnas F4-210 got hit with Ransomware by *** By LVT LOCKER ***
My Tnas was attacket too, through tnas online.
I contacted TerraMaster technical assistance, the only thing they tried to do was to sell new products. It seems TerraMaster knows this issue from 2022, and they did nothing about it.
(by the way, I will NEVER buy again a TerraMaster product)
I sent the 0.01 bitcoin and received back an .exe that is not decrypting the data.
Do not send the 0.01 bitcoin, you will be scammed.
Message me if you want the .exe
I contacted TerraMaster technical assistance, the only thing they tried to do was to sell new products. It seems TerraMaster knows this issue from 2022, and they did nothing about it.
(by the way, I will NEVER buy again a TerraMaster product)
I sent the 0.01 bitcoin and received back an .exe that is not decrypting the data.
Do not send the 0.01 bitcoin, you will be scammed.
Message me if you want the .exe
Re: Tnas F4-210 got hit with Ransomware by *** By LVT LOCKER ***
I searched using Chrome browser translation.
Programmer posted on X, good idea.
English analysis.
https://twitter.com/malwrhunterteam/sta ... 1636425201
https://raw.githubusercontent.com/stamp ... omware.txt
More this is a Chinese site with analysis and explanations.
https://zhuanlan.zhihu.com/p/685771808
https://bbs.360.cn/thread-16120282-1-1.html
By the way, Terra Master didn't think of any measures.
Hackers may be well aware of the vulnerabilities of devices and systems.
They're definitely being targeted.
Programmer posted on X, good idea.
English analysis.
https://twitter.com/malwrhunterteam/sta ... 1636425201
https://raw.githubusercontent.com/stamp ... omware.txt
More this is a Chinese site with analysis and explanations.
https://zhuanlan.zhihu.com/p/685771808
https://bbs.360.cn/thread-16120282-1-1.html
By the way, Terra Master didn't think of any measures.
Hackers may be well aware of the vulnerabilities of devices and systems.
They're definitely being targeted.