The Qlocker ransomware has been active once again with waves of attacks this year. This ransomware has been using, like the others, the Ransomware as a Service (RaaS) strategy. This allows the destructive power of a ransomware attack to be made accessible to anyone.
Qlocker’s primary target has been the specialized manufacturer of network storage solutions, QNAP. More precisely, the NAS (Network Attached Storage) storage devices that are exposed to the Internet network around the world.
Qlocker uses this vulnerability of QNAP devices connected to the Internet to execute a simple mechanism. After entering the environment, the malware takes care of moving the victims’ files to password-protected 7-zip archives.
Resulting in an environment with only .7zip extension files and a READ_ME.txt ransom note with the steps to follow to supposedly get their data back.
The group had previously attacked NAS devices, thus forcing the company QNAP to take some emergency measures. Consumers were obviously informed of the imminent risk and such a vulnerability that they were exposed to at that time.
Unfortunately, for some consumers the alert came too late. Many users ended up seeing their data being encrypted and locked without knowing precisely what they could do.
Around $350,000 in ransom value was spent by QNAP consumers attacked by the Qlocker ransomware in a single month.
Of course, with this wave of attacks going well for the evildoers, it was not to be expected that their activities would not cease. The group attacked once again, increasing its average ransom value from 0.01 BTC to 0.02 BTC (approximately $700 at the time of the attack wave).
Recover files encrypted by Qlocker ransomware
Paying the ransom is not recommended under any circumstances, payment funds the groups for further attacks, and criminals give no guarantee that the key will be delivered after payment.
For this reason, Digital Recovery is positioned as the best solution for recovery of data encrypted by ransomware.
Our experts have developed recovery solutions that give us the ability to recover data from databases, storages, virtual machines, RAID systems, servers, and other storage devices.
We understand how sensitive a company’s data can be, so we have taken care to build our recovery strategy in accordance with the General Data Protection Regulation (GDPR) and have, of course, a confidentiality agreement (NDA).
All of this is done remotely. So no matter where you are, Digital Recovery can help. Contact our experts and get your data recovered now.