A couple of weeks ago I found out that my Asustor server had been hit by the Deadbolt break in. All my files are now encrypted and I can only get them back if I pay up some bitcoins.
I hardly used it anymore, it was mostly an archive of old stuff, so it was on low maintenance. But I did have a Syncthing share on it as well. Now *.deadbolt files shows up all over my Syncthing net, the original files are still there, but copies with an added .deadbolt extension is also there.
I don’t know how long the server had been hacked when I found out, but it was a few weeks after the Asustor-Deadbolt story started to get reports all over. I don’t know how many files the server had syncthinged to others before I pulled the plug, pehaps a few thousand. It wasn’t the quickest little server around, thankfully.
Now I’ve added .deadbolt to the ignore list on every share on every machine. It took a while. I wish there would be a way to set ignores device wide, in the settings besides Ignored machines and folders…
Next step is to Catfish those .deadbolt files. I haven’t tried to save the server yet.
1 post - 1 participant