Thursday, March 28, 2024

Ransomware Strain Qlocker Targeting QNAP NAS Flaws – Patch It!

The cybersecurity experts pronounced recently in a report that they have detected a new ransomware, Qlocker. This ransomware has gone viral, by attacking hundreds of QNAP network-attached storage (NAS) every day.

However, this ransomware is one of the biggest campaigns that have used two ransomware known as “Qlocker” and “eCh0raix”. This two ransomware are slowly laying out to the servers of NAS around the world, and exploiting a vulnerability.

According to the report, this ransomware packs the victim’s files that are generally stored on devices into password-protected 7zip archives, and later it charges $550 as ransom to restore the file.

The most important feature of this malware is very dangerous, as it continuously put the users in serious trouble. The very first case of this ransomware came to the lights on April 20, 2021, after that the number of victims started increasing day by day.

After a proper investigation, the researchers claimed that On April 22, QNAP has encouraged all its customers to install the most advanced updates for three applications, so that they can prevent this kind of possible ransomware attacks.

Initially, in this ransomware attack, the victim will notice a text file called READ_ME.txt. After investigating the attack the researchers said that this one will find a unique key to access all the payment sites via Tor.

However, the payment is being made is 0.01 bitcoin, which is equivalent to Rs.37561.61 at the current exchange rate. Not only this, but the message directly indicates to the user that all their files have been encrypted.

Moreover, the text which has been sent by the hackers also includes a unique key that the victim must enter the attacker’s website within the Tor network and make a payment as soon as possible.

QNAP declared that they are trying their best, and are working on learning more regarding the problem and the ransomware. However, the researchers have provided a full solution to all the victims after proper investigation through which they can easily recover the files.

Moreover, QNAP is still trying to find any loopholes or weaknesses of the ransomware so that they can provide strong ​implementation to the victims. 

Apart from this, they are not turning off the NAS, but they are recommending the users to install and run the “Malware Remover” for the operating systems like QTS and QuTS hero.

The analyst also remarked that it is quite necessary to update the “Multimedia Console”, “Media Streaming Add-on” and “Hybrid Backup Sync” applications to the most advanced version that is available, and by this version, users can easily prevent the malware from spreading.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles