{
	"id": "5d9459ef-0e9a-48df-9d4a-d8a3231e8c50",
	"created_at": "2026-04-06T00:21:41.340189Z",
	"updated_at": "2026-04-10T03:20:26.775323Z",
	"deleted_at": null,
	"sha1_hash": "e36eb88ec78a7393e1b256042417b62916f13799",
	"title": "QNAP warns of AgeLocker ransomware attacks against NAS devices",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 54804,
	"plain_text": "QNAP warns of AgeLocker ransomware attacks against NAS\r\ndevices\r\nBy Catalin Cimpanu\r\nPublished: 2022-12-07 · Archived: 2026-04-05 16:51:53 UTC\r\nTaiwanese hardware vendor QNAP said today that its network-attached storage (NAS) devices are under attack by\r\na ransomware operation known as AgeLocker.\r\nIn a security advisory, the Taiwanese company urged customers to immediately update their NAS operating\r\nsystem and any apps they have installed on the device to prevent the AgeLocker gang from getting a foothold on\r\ntheir systems and encrypting their files.\r\n\"To further secure your device, do not expose your NAS to the internet,\" the company said. If you must connect\r\nyour NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.\"\r\nQNAP did not specify which vulnerabilities the AgeLocker gang was abusing.\r\nIt is unclear if the AgeLocker gang was hunting for QNAP NAS systems left unpatched or if they were targeting a\r\nrecently patched vulnerability.\r\nToday's advisory comes after last week QNAP warned of similar attacks against its NAS systems from\r\nthe Qlocker and eCh0raix ransomware strains.\r\nAccording to statistics provided by the ID-Ransomware service, there doesn't seem to be a particular spike in\r\nactivity from the AgeLocker group, which suggests these new AgeLocker attacks are not happening on the same\r\nscale as the Qlocker attacks from last week.\r\nThe AgeLocker ransomware was first spotted in the wild in July 2020 when it exploited bugs in the QNAP NAS\r\nfirmware (known as QTS) and in a preinstalled app named PhotoStation.\r\nThe company warned of these attacks a few months later, in September 2020, when customer incidents started to\r\nrise.\r\nhttps://therecord.media/qnap-warns-of-agelocker-ransomware-attacks-against-nas-devices/\r\nPage 1 of 2\n\nAgeLocker is the fourth ransomware strain known to target QNAP NAS devices after Qlocker, eCh0raix,\r\nand Muhstik. AgeLocker's name comes from its use of the Actually Good Encryption (AGE) algorithm to encrypt\r\nfiles.\r\nBesides ransomware, QNAP NAS devices have also been historically targeted by\r\nthe Dovecat and UnityMiner crypto-miners and the QSnatch backdoor trojan.\r\nGet more insights with the\r\nRecorded Future\r\nIntelligence Cloud.\r\nLearn more.\r\nSource: https://therecord.media/qnap-warns-of-agelocker-ransomware-attacks-against-nas-devices/\r\nhttps://therecord.media/qnap-warns-of-agelocker-ransomware-attacks-against-nas-devices/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://therecord.media/qnap-warns-of-agelocker-ransomware-attacks-against-nas-devices/"
	],
	"report_names": [
		"qnap-warns-of-agelocker-ransomware-attacks-against-nas-devices"
	],
	"threat_actors": [],
	"ts_created_at": 1775434901,
	"ts_updated_at": 1775791226,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/e36eb88ec78a7393e1b256042417b62916f13799.pdf",
		"text": "https://archive.orkl.eu/e36eb88ec78a7393e1b256042417b62916f13799.txt",
		"img": "https://archive.orkl.eu/e36eb88ec78a7393e1b256042417b62916f13799.jpg"
	}
}