Qlocker Ransomware Shutdown Operations
After the DarkSide’s attack on Colonial Pipeline earlier this month, many ransomware groups are forced to reconsider their targets or even cease operations to avoid any law enforcement hit. In that pursuit, DarkSide group has announced to shut down, whereas REvil and Avaddon tightened their rules for affiliates. Now, Qlocker ransomware decided to disappear from the industry after making a significant sum in a short span. As reported by BleepingComputer, the Qlocker ransomware group has started to shut down their dark website last week and even did. But soon, there were proxy-type sites that popped up after the actual site’s shutdown, which were offline now. This marks the end of the Qlocker ransomware, as no sites relating to it are online now. Also, it makes sense to close business now as they have achieved enough, and continuing further may attract unwanted interest from law enforcement. Last month, Qlocker ransomware had targeted all the exposed QNAP NAS devices and locked them with 7zip software. The vulnerabilities they have targeted in QNAP NAS devices were recently discovered and patched. But the ones who weren’t updated had fallen victim to their spree, which was estimated to be thousands of devices. The successful element of this campaign was the low price ransom, which is set to just 0.01 Bitcoin. This translated to around $500 at the time and seemed affordable for the individuals who wanted to get their locked files back. Also, there were instances reported where the ransomware group had asked for $0.03 Bitcoin. From all the connected wallets tracked by BleepingComputer, the Qlocker gang has reportedly made a profit of 9 Bitcoins nearly, worth over $450,000 before this week’s crash, and is valued at over $350,000 now.