PSA Qnap ransomware attacks going on since 4/19/21

Hi, I wanted to report on this news that’s been hitting my news feed since today and that I feel might interest many people here that are using a Qnap NAS at the moment:

tl;dr The cryptolocker Qlocker is moving all the victims files to .7zip password protected archives and asking for 0.01BTC ransom to decrypt the files. Seems like a vulnerability in the cryptolocker has been found to recover for free the crypted data. Stay tuned.

Feel free to add more links regarding this news update.

I decided to create a thread because I feel this news needs to reach as much users as possible. If it’s not deemed worthy of a thread I’ll move this to the news story dump thread. Thanks.


I think there were recent reports of QNAP vulnerability and QNAP refuses to fix them (as heard from Security now podcast) This was the source of the news:

Looks like hackers arent wasting any opportunity to make money off ransomware.


I guess attacking a NAS can net even more profit than attacking a PC since they’re usually used to store data and backups long term.
Qnap is also terrible for not addressing such a gigantic vulnerability, since it has been found and it’s out in the open.
But also the article I posted talks about two vulnerabilities being fixed not that long ago, but I don’t know if those are the same you linked.

1 Like

Patched now?


Looks like they fixed it, yeah.