To all those who are using QNAP storage devices for backup or file sharing purposes, here’s an alert that needs your attention. From the past few days, a ransomware dubbed as Qlocker has been targeting the said NAS devices on a network and blocking their access to users.
It is learnt that the massive file encrypting malware campaign started on April 19th,2021 when victims took help of the technology forums to know more about the ransomware.
Qlocker Ransomware is not only accessing files by encrypting them with a password protected 7Zip archives ending with .7z extension, but is also seen stealing data from the victim devices. The password that is known only to the attacker will be revealed only when the victim pays a ransom in 0.01 BTC for each file.
Security analysts say that hackers could have exploited previously known RCE vulnerability aka CVE-2020-36195 on QNAP device to gain full access of the device and execute the ransomware.
QNAP, a Taiwan-based NAS system providee that does business in over 150 countries is currently probing the issue and might offer a free of cost decryption key to the ransomware soon. Its data storage appliances are used across the globe for virtualization, storage management, and surveillance applications, along with file sharing. The company became a member of Intel Intelligent Systems Alliance in 2011.
Two days ago, Independent Ransomware hunter Michael Gillespie was the first to share details about Qlocker ransomware.