Jump to content

[2021/03/26][eCh0raix/QNAPCrypt]


Recommended Posts

We have identified "eCh0raix / QNAPCrypt". This ransomware may be decryptable under certain circumstances.

Please refer to the appropriate guide for more information.

Identified by:

  • ransomnote_url: http://veqlxhq7ub5qze3qy56zx2cig2e6tzsgxdspkubwbayqije6oatma6id.onion/

Click here for more information about eCh0raix / QNAPCrypt.

Case number: 1f126dfd58211ae8ec5a794c001716f765145bb31616768998

 

encrypt.zip

Edited by GT500
Removed onion link.
Link to comment
Share on other sites

There's a decrypter for an older variant of this ransomware, however I don't think it will work for any encryptions that happened since June:
https://www.bleepingcomputer.com/ransomware/decryptor/ech0raix-ransomware-decryptor-restores-qnap-files-for-free/

There's more information about the ransomware and how to protect your NAS for further infections at the following link:
https://www.bleepingcomputer.com/news/security/ongoing-ech0raix-ransomware-campaign-targets-qnap-nas-devices/

 

Link to comment
Share on other sites

On 2021/3/27 at AM6点01分, GT500 said:

对于该勒索软件的较旧版本,有一个解密器,但是我认为它不适用于自六月以来发生的任何加密:https :
//www.bleepingcomputer.com/ransomware/decryptor/ech0raix-ransomware-decryptor-restores- qnap文件免费/

以下链接提供了有关勒索软件以及如何保护NAS免受进一步感染的更多信息:https :
//www.bleepingcomputer.com/news/security/ongoing-ech0raix-ransomware-campaign-targets-qnap-nas-devices/

 

Yes, I tried it, but failed, so come over and submit a sample, hoping to get help.

Link to comment
Share on other sites

10 hours ago, TexPrint said:

Yes, I tried it, but failed, so come over and submit a sample, hoping to get help.

It looks like the decrypter was released by an independent ransomware analyst, so I recommend checking the BleepingComputer support topic to see if there's any newer information:
https://www.bleepingcomputer.com/forums/t/617854/ech0raix-ransomware-qnapcryptsynology-nas-encrypt-support-topic/page-15#entry4840762

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...