With all the headlines about ransomware attacks hitting companies hard, you might think there’s only bad news around the subject.

Well, think again.

Not only has the Darkside ransomware gang seemingly shut down since the high-profile attack which resulted in the Colonial Pipeline being shut down, and numerous dark web forums announce that they will no longer promote ransomware-as-a-service (RAAS) schemes, but it also appears that another notorious ransomware outfit has decided to close its doors.

Qlocker has made a name for itself – not for attempting to extort millions of dollars from large corporations it has stolen files from – but by targeting the owners of poorly-secured Network Access Storage (NAS) drives.

Victims were greeted with a ransom demand for 0.01 Bitcoins (approximately US $400 at current exchange rates) for the recovery of files on their QNAP NAS drives that had been encrypted and placed in password-protected 7zip archives.

On some occasions, it is said that the extortionists would increase the size of the ransom by an additional 0.02 Bitcoin once a victim made contact.

qlocker-ransom

Reports claim that the Qlocker gang successfully made $350,000 in a month from their victims by exploiting a series of security vulnerabilities in QNAP devices. While there is much debate about whether companies are right to pay extortionists millions of dollars for the recovery of their systems, it seems it’s possible to make a tidy criminal profit hitting home users and small businesses for a much smaller amount.

At the end of April, QNAP responded to the threat, warning customers to deploy patches, update their apps, and run a malware scan, following widespread reports that devices had been compromised and user data encrypted by two families of ransomware: Qlocker and eCh0raix.

But in recent days, as Bleeping Computer reports, a (Read more...)