Mumbai, NFAPost: A new ransomware strain by the name Qlocker is on its race to infect hundreds of QNAP network-attached storage (NAS) devices every day.
According to sources, the ransomware is taking over hard drives, moving users’ files inside password-protected 7zip archives, and all victims are told to pay 0.01 Bitcoins, which is approximately $557.74, to get a password for their archived files.
Injection bug
The number of infections has skyrocketed into hundreds per day, according to statistics provided by Michael Gillespie, the creator of ransomware identification service ID-Ransomware.
During the past few days, the Taiwanese hardware company QNAP patched an SQL injection bug in the Multimedia Console and Media Streaming Add-on and also removed hardcoded credentials from the Hybrid Backup Sync app.
QNAP did not say which of the three apps the Qlocker gang is abusing to gain access to unpatched devices.
eCh0raix gang
QNAP told users to apply updates for these apps to prevent ransomware attacks not only from the Qlocker gang but also from eCh0raix, an older ransomware operation focused on infecting QNAP systems, which has been lurking and scouring the internet for unpatched QNAP devices since last year.
While the eCh0raix gang is not currently infecting hundreds of systems per day at the same pace as Qlocker, Gillespie told The Record that the operation had also seen a spike in recent days, suggesting they might have found and weaponised the same bugs as the Qlocker gang.