The Qlocker ransomware group that was responsible for holding QNAP NAS devices for ransom has shut down its operations. The group was receiving almost $350,000 a month by exploiting vulnerabilities in the devices. After the devices were encrypted, the victims would be instructed to a read_me.txt file that explained how to get their files back. The normal ransom for these victims was .01BTC or about $550. The TOR site victims were directed to for payment instructions also recently began displaying a message about the site shutting down soon, warning victims to pay the ransom as quickly as possible. A low ransom amount combined with a short time limit was enough to convince many victims to pay up. Later in their attacks, the group began collecting the .01BTC asked for as ransom and then telling the victim that an additional .02 BTC was required to get their files back.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is