A ransomware gang has made $260,000 in just five days simply by remotely encrypting files on QNAP devices using the 7zip archive program.
Starting on Monday, QNAP NAS users from all over the world suddenly found their files encrypted after a ransomware operation called Qlocker exploited vulnerabilities on their devices.
While most ransomware groups put considerable development time in their malware to make it efficient, feature-rich, and have strong encryption, the Qlocker gang didn’t even have to create their own malware program.
Instead, they scanned for QNAP devices connected to the Internet and exploited them using the recently disclosed vulnerabilities. These exploits allowed the threat actors to remotely execute the 7zip archival utility to password protect all the files on victims’ NAS storage devices.
Using such a simple approach allowed them to encrypt over a thousand, if not thousands, of devices in just five days using a time-tested encryption algorithm built into the 7zip archive utility.