QNAP devices affected by Qlocker and eCh0raix ransomware

Multiple devices from QNAP, a Taiwanese company specialising in NAS storage, have been affected by two types of ransomware, called Qlocker and eCh0raix, aimed at encrypting their NAS devices for ransom.

These ransomware use the 7zip protocol to encrypt data, creating password-protected files and demanding a ransom. With this method it is possible to recover data from the logs used by 7zip, as long as the computer has not been shut down or restarted.

QNAP has updated its 'Malware Remover' tool to run on affected computers, facilitating the process and recommending contacting technical support. In addition, it has also updated various applications used on its devices.