Security News > 2022 > January > Qlocker ransomware returns to target QNAP NAS devices worldwide
Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage devices worldwide.
Qlocker has previously targeted QNAP customers in a massive ransomware campaign that started during the week of April 19, moving victims' files within password-protected 7-zip archives with the.7z extension after breaching their NAS devices.
For some QNAP customers targeted in last year's Qlocker ransomware campaign, the warning came way too late after the attackers extorted hundreds of QNAP users.
The new Qlocker ransomware campaign began on January 6 and it drops ransom notes named !!!READ ME.txt on compromised devices.
You can also check out the old guide on how to recover data from NAS devices compromised in last year's Qlocker ransomware attacks.
Qlocker is not the only ransomware targeting QNAP NAS devices, as shown by a surge of ech0raix ransomware attacks that started right before Christmas.