Monday, December 2, 2024
HomeCyber Security BlogsQNAP devices Around the World Are Getting Targeted by Qlocker

QNAP devices Around the World Are Getting Targeted by Qlocker

Qlocker is an active ransomware group and it is detected to be targeting and attacking QNAP devices all over the world. This campaign started on April 19. The infected user’s files are stored in a password protected 7zip archives. 

The Campaign-

It is reported by BleepingComputer that Qlocker support forum is witnessing increased amount of activity from a chunk of its victims. In addition to this, The ID-Ransomware services saw an increase in the number of submissions from its victims.

  • The attackers are using 7-Zip archives to lock the files of the victims in password protected archives. During the process of the locking of the files, the monitor of the QNAP device shows various 7-Zip processes.
  • Once the ransomware has completed its encryption processes, the files get stored in a password protected archive with .7z extension. These files will need a password to retrieve the files.
  • At the end of the process, the victims get a !!!READ_ME.txt ransom note. This contains the credentials to access the tor payment site.
  • The victims are demanded to pay 0.01 Bitcoins, ($557.74), after which they get the password to the archived folder.

The Vulnerabilities that are being exploited-

QNAP suggests that Qlocker has been exploiting the CVE-2020-36195 for executing their ransomware. They fixed two of their vulnerabilities as of April 16.

  • CVE-2020-2509: This is a command injection vulnerability that exists in QTS and QuTS hero.
  • CVE-2020-36195: This is an SQL vulnerability that exists in multimedia Console and the Media Streaming Add-On.

Conclusion-

Qlocker ransomware is exploiting a known vulnerability that is known to be patched already. This indicates towards the fact that several organizations have not patched their firmware. So, it is important that organizations always keep their network updated with the latest patch whenever they are released.

David Scott
David Scott
Digital Marketing Specialist .
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with ssyoutube.com
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us