Macace  Freshman Member

@LDS How is this possible? Did you install the newest Firmware after the first Infektion and disable the complete internet access for the NAS after the update ? From the 13 NAS that I have in service there was only one infected. After that I have done the update and close Internet complete for the other 12. There are…

Hello I have removed the automatic generated Cloud User as follow: Go to the MyZyxel Cloud Website and do a disconnect from your NAS from the MyZyxel Service. After this uninstall the MyZyxel App in the NAS. After this the Cloud User should automatic remove after a short time. I have one of the 10 NAS that had not delete…

E-Mail Warning as Synology it do will be a good solution in my opinion. Yes it costs half of a Synology, this was main reason to buy it, because the hardware power was near the same. I will try to install OMV to one Zyxel. If this works good, that will be a possible soluition for a low cost system. The second cheap way is…

I have a call with the company Kroll Ontrack. They are specialist for such problems. No way, because it is the newer version of this ransomware. The only way is, to pay and hope you become the key. 50:50 chance.

@Mijzelf: You are more active in the forum than me. Are here also offical Zyxel workers, as in the past in the old forum? A main problem from the NAS also is, there is no automatic warning possible, that the firmware is old and should be update. Which user look to this when his NAS works. Btw the price for new the NAS542…

Hello LowLevel format is not possibel with the NAS at normal Way. 1. Remove all drives 2. Do a factory reset 3. Upgrade to the newest FW. ABAG.15 4. Insert only one Drive. All Data are not readable because it was from a Raid5, so in my Opinon it should be save enought. 5. Create a new Volume with that Drive. Raid1 makes…

We planed to restore the infected HDDs with a Desktop PC. After that we do a all sector format of the HDDs. Original it was a Raid1 system. Now we make two volumes. The second volume is only for the internal automatic backupsystem. Also we do a manual external backup via PC and a Image Program. (e.g. EaseUs or Acronis)…

@Simon01: Do you also have the three or more fake Users ? @all I have update the infected NAS to the newest firmware without HDDs. After that I have done a factory reset. Than I insert for test another HDD in the NAS. At the Moment it work. The owner of my infected NAS planed to pay the 0.019 BTC because her backup was in…

I have eight of NAS540 and NAS542 at different friends. One NAS542 ABAG.13 was also attacked at the same day. There were three new Users, two has no access to the shares, one has full access. Everything is encrypted. At a second NAS542 there were also three Users with the same configuration. I think we can shut down it…