Hi!
received an email with this - I cannot access the Qnap via browser again
!!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
how can I recover it again, is there a remover tool, what steps should be done!
the
Peter
I found this here
https://www.cybercrimepolice.ch/de/fall ... inspielen/
!!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
All your files were encrypted using a private and unique key generated for the computer. This key is stored in our server and the only way to receive your key and decrypt your files is making a Bitcoin payment.
To purchase your key and decrypt your files, please follow these steps:
1. Dowload the Tor Browser at "https://www.torproject.org/". If you need help, please Google for "access onion page".
2. Visit the following pages with the Tor Browser:
URGEND: received an email with this !!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
-
- New here
- Posts: 2
- Joined: Sat Jan 22, 2022 6:17 pm
- Guapo81
- Know my way around
- Posts: 160
- Joined: Tue Jun 21, 2011 4:22 pm
- Location: Netherlands
Re: URGEND: received an email with this !!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
You can read all about it in the almost impossible to miss topic about Qlocker ->ppeter1 wrote: ↑Sat Jan 22, 2022 6:21 pm Hi!
received an email with this - I cannot access the Qnap via browser again
!!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
how can I recover it again, is there a remover tool, what steps should be done!
the
Peter
I found this here
https://www.cybercrimepolice.ch/de/fall ... inspielen/
!!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
All your files were encrypted using a private and unique key generated for the computer. This key is stored in our server and the only way to receive your key and decrypt your files is making a Bitcoin payment.
To purchase your key and decrypt your files, please follow these steps:
1. Dowload the Tor Browser at "https://www.torproject.org/". If you need help, please Google for "access onion page".
2. Visit the following pages with the Tor Browser:
viewtopic.php?f=45&t=160849 - [RANSOMWARE] 4/20/2021 - QLOCKER
QNAP TS-h886-64G 2x Samsung 970PRO NVMe SSD (RAID1, System), 2x Samsung 860 PRO SSD (RAID1, VM) 4x Seagate EXOS X16 16TB (RAID5, Data) - FW: QuTS-hero
QNAP TVS-682-i3-32G 4x HGST HUH728060ALN600 (RAID5, Backup) - FW: QTS
QNAP TVS-463 4x Seagate ST2000VN000 (RAID5, Surveillance, Backup) - FW: QTS
Former units: TS-469Pro, TS-459ProII, TS-269Pro, Qgenie
QNAP TVS-682-i3-32G 4x HGST HUH728060ALN600 (RAID5, Backup) - FW: QTS
QNAP TVS-463 4x Seagate ST2000VN000 (RAID5, Surveillance, Backup) - FW: QTS
Former units: TS-469Pro, TS-459ProII, TS-269Pro, Qgenie
- dolbyman
- Guru
- Posts: 35253
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: URGEND: received an email with this !!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
news to me that uusers got an email though ... thought it was just txt files
- Guapo81
- Know my way around
- Posts: 160
- Joined: Tue Jun 21, 2011 4:22 pm
- Location: Netherlands
Re: URGEND: received an email with this !!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
That looks like something new indeed.
The thing that surprises me though is the fact that qlocker is still creating victims.
Thought that QNAP had plugged the holes by now, since presumably the vector of Qlocker was a zero-day leak?..
Anyway, also the message of NOT simply exposing your NAS to the WAN, without a decent security setup, should pretty much had reached all QNAP users by now, I would think.
QNAP TS-h886-64G 2x Samsung 970PRO NVMe SSD (RAID1, System), 2x Samsung 860 PRO SSD (RAID1, VM) 4x Seagate EXOS X16 16TB (RAID5, Data) - FW: QuTS-hero
QNAP TVS-682-i3-32G 4x HGST HUH728060ALN600 (RAID5, Backup) - FW: QTS
QNAP TVS-463 4x Seagate ST2000VN000 (RAID5, Surveillance, Backup) - FW: QTS
Former units: TS-469Pro, TS-459ProII, TS-269Pro, Qgenie
QNAP TVS-682-i3-32G 4x HGST HUH728060ALN600 (RAID5, Backup) - FW: QTS
QNAP TVS-463 4x Seagate ST2000VN000 (RAID5, Surveillance, Backup) - FW: QTS
Former units: TS-469Pro, TS-459ProII, TS-269Pro, Qgenie
- dolbyman
- Guru
- Posts: 35253
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: URGEND: received an email with this !!! ALL YOUR FILES HAVE BEEN ENCRYPTED !!!
qnap is patching holes left and right..but its a cat and mouse game ... so pretty sure the latest wave is just a different exploit used