(01) 236 01 01(040) 54887560+31 252 621625
In many scenarios, there are still good chances of recovering data that appears to be lost through ransomware attacks.


For several weeks now, we have been receiving inquiries almost every day from desperate customers, whose QNAP NAS system has become a victim of the QLocker ransomware and the data is no longer accessible. In contrast to other crypto Trojans, where the data is normally encrypted and thus overwritten using software / scripts that are specially installed, with QLocker the files are saved in password-protected archives with the "7zip" compression software that is already pre-installed on the system. The affected folders then have the extension ".7z". Before the data is encrypted in this way, the text file "!!! READ_ME.txt" with further procedures for the victims is created in the affected folder. The ransom is called in Bitcoin and is usually 0.01 BTC, which corresponds to around € 327 (value may be incorrect due to exchange rate fluctuations).

QNAP itself has already issued a statement on this with the urgent recommendation to install the latest version of the malware remover. It is also advisable to update all subsystems - especially for myQNAPcloud.

What to do if the data is encrypted with QLocker?

Call us and tell us about your situation. Because we have already made the experience several times that QLocker apparently does not seem to be the most "professional" cybercriminals and sometimes their work is not so "clean". In some cases, we were able to discover new approaches and ways with which the data loss could be limited or even almost completely reversed.

Attingo Team
DI (FH) Markus Häfele
General Manager
Peter Franck
Robbert Brans
Ing. Özgür Göksu
Maximilian Maurer
Spare Part Manager
Dipl. Ing. Nicolas Ehrschwendner
Partner and consultant
Sebastian Evers
Customer support
Boris Hakaso
Paul Carlson
success rate
25 years
of experience
rescue success