Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices
Tags
attack-pattern: Data Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Tool - T1588.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 2e2fafbd-3f28-4ff6-ba94-e070f0d3d87f
Fingerprint b66339da8d47a0c5
Analysis status DONE
Considered CTI value 2
Text language
Published April 21, 2021, midnight
Added to db Feb. 17, 2023, 9:09 p.m.
Last updated Nov. 12, 2024, 4:44 p.m.
Headline Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices
Title Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices
Detected Hints/Tags/Attributes 49/1/16
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/security/massive-qlocker-ransomware-attack-uses-7zip-to-encrypt-qnap-devices/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
Attributes
Details Type #Events CTI Value
Details CVE 4 
cve-2020-2509
Details CVE 7 
cve-2020-36195
Details CVE 16 
cve-2021-28799
Details Domain 2 
service.qnap.com
Details Domain 1 
7z.sh
Details Domain 2 
re.sh
Details Domain 179 
www.torproject.org
Details Domain 1 
gvka2m4qt5fod2fltkjmdk4gxh5oxemhpgmnmtjptms6fkgfzdd62tad.onion
Details File 33 
read_me.txt
Details File 1 
'7z.log
Details File 1 
7z.log
Details File 1 
7z.bak
Details File 1 
r.py
Details File 3 
c:\program files\7-zip\7z.exe
Details Url 1 
https://service.qnap.com
Details Url 63 
https://www.torproject.org