A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt on infected devices.
In May, the Taiwanese vendor QNAP warned its customers of updating the HBS 3 disaster recovery app running on their Network Attached Storage (NAS) devices to prevent Qlocker ransomware infections.
At the end of April, experts warned of a new strain of ransomware named Qlocker that was infecting hundreds of QNAP NAS devices on daily bases. The threat actors behind the attacks were exploiting an improper authorization vulnerability, tracked as CVE-2021-28799, that could allow them to log in to a NAS device.