QLOCKER - FULL GUIDE how to get your Data back, QNAP NAS Hack
!!! All your files have been encrypted !!!
All your files were encrypted using a private and unique key generated for the computer. This key is stored in our server and the only way to receive your key and decrypt your files is making a Bitcoin payment.
To purchase your key and decrypt your files, please follow these steps:
1. Dowload the Tor Browser at "https://www.torproject.org/". If you need help, please Google for "access onion page".
2. Visit the following pages with the Tor Browser:
gvka2m4qt5fod2fltkjmdk4gxh5oxemhpgmnmtjptms6fkgfzdd62tad.onion
3. Enter your Client Key:
KU1o8mGG4p8moefySdZSI85HX6C2HrkK+bxGuHnuXSbStdiDiGsOyl2BsIZA1x2/d+yiEVnRnJ3TVu1g2C1v8MLKuykVkIhCnCBM/im9MvPs74klClQaL8DxUDLznCwiC0k/0KK3r+usGQXDYarxF34da5kXweU+vv7rS4q9fRUzKW30UDBE9OqpYs3bPENspssr8C2hcEqJxNPtPY2nswVC95tgVlDXdET3w+TIqEIzzQEVxUc7TN55GW8ajyu2d1EO3QVxkTKreoMVED5qDuMXryZe24NfOGuJoNN644JkTChwemiahcdMI77NPa47SDmK8uFiAIHSEXGOR/soqg==
I tried it with the emsisoft and the id-ransomware detector and both said they are not able to identify the ransomware. id-ransomware gave me the following SHA:
07aadb320e307e1ac9315b1ad739ac467a71b80aI unplugged the NAS at 8:45, but it was too late already. The encrypted files already had been QSYNC'ed back to my Computer. What bothers me, is that as soon as the device was unplugged, the encrypting seemed to stop and I was not yet able to find any trace of an intruder in the logs. As of now I am running the NAS cut of from the internet and no more files were incrypted since then... Hopefully someone here may be able to help. I am attaching the READ_ME.
Thank you!