Qlocker Ransomware

The Qlocker Ransomware is a newly identified file-locker that targets QNAP devices exclusively. The interesting thing about this new campaign is that its operators are not relying on fake downloads or other deceptive content to deliver the ransomware to their targets – instead, they are exploiting vulnerabilities in QNAP devices running on outdated firmware. We advise all owners of such hardware to apply the latest updates immediately to mitigate the vulnerabilities that the Qlocker Ransomware is known to exploit.

The Qlocker Ransomware attack is able to lock the victims out of their files by placing them in a password-protected archive whose random-generated password is sent to the attackers. Unfortunately, cracking the '.7z' archive is impossible, and victims will be unable to restore their files unless they own a backup copy. The criminals behind the Qlocker Ransomware offer to sell the password for 0.01 Bitcoin, or about $550. However, we would not advise anyone to agree to pay the ransom fee because there is a high chance that Qlocker Ransomware's creators will outright trick them out of their money.

The full instructions of Qlocker Ransomware's creators can be found in the document '!!!READ_ME.txt' that the threat drops after it is done archiving the victim's files. It asks them to use the TOR browser to visit a payment page, which provides more details about the offer of the criminals.  Please note that the Qlocker Ransomware campaign has been around for only three days but has already infected over 400 QNAP devices – and the number keeps growing rapidly. Secure your hardware by applying the latest firmware updates.