The Qlocker ransomware gang that caused a stir in the media last month for infecting vulnerable QNAP NAS devices has reportedly shut down its operation. As per Bleeping Computer, the group earned $350,000 a month by exploiting vulnerabilities in QNAP NAS devices.
The ransomware attacks came to light on April 19, when multiple 19th, QNAP NAS device owners worldwide started reporting that their device's files were replaced by password-protected 7-zip archives. The attackers demanded 0.01 bitcoins (~$550) for the password to recover the victim’s files.
The Qlocker Tor sites began displaying a message stating that "This site will be closed soon." More recently, the gang stepped up their game and started demanding additional .02 bitcoins from victims to get their files back.
According to Bleeping Computer, currently, all of the Qlocker Tor sites are no longer accessible, and victims no longer have a way to pay the ransom.
The researchers have managed to track more than twenty Bitcoin addresses, with the gang amassing a total of 8.93258497 bitcoins in ransomware payments.
Just last week, DarkSide, the ransomware gang, responsible for the Colonial Pipeline attack shut down their operation after they lost access to servers and their cryptocurrency was transferred to an unknown wallet, probably as a result of a law enforcement operation. The gang reportedly received a total of $90 million in Bitcoin ransom payments in the last nine months.