Security News > 2021 > May > Qlocker ransomware shuts down after extorting hundreds of QNAP users
The Qlocker ransomware gang has shut down their operation after earning $350,000 in a month by exploiting vulnerabilities in QNAP NAS devices.
As a possible sign of their impending shutdown, the Qlocker Tor sites began displaying a message stating that "This site will be closed soon."
Eventually, the above site shut down, but another Qlocker Tor site appeared a day or so later.
Today, in BleepingComputer tests and victim's reports in our Qlocker support topic, all of the Qlocker Tor sites are no longer accessible, and victims no longer have a way to pay the ransom.
As the Qlocker ransomware operation used a fixed set of Bitcoin addresses that victims were rotated through, it has been possible to track how many bitcoins they received in ransom payments.
Out of the twenty-two Qlocker Bitcoin addresses known by BleepingComputer, victims paid a total of 8.93258497 bitcoins in ransomware.