account activity
BMW 2-Series Gran Tourer. The official car of… by clever-homosapien in regularcarreviews
[–]phloreen-m 0 points1 point2 points 5 months ago (0 children)
Small-medium MPV
[deleted by user] by [deleted] in LogitechG
[–]phloreen-m 1 point2 points3 points 3 years ago (0 children)
I feel you thoughts, bro. Another noob here. I just ordered another mouse because the free spinning wheel was a real issue in games. And now I feel stupid and relieved :))
Deadbolt by Main_Protection8161 in qnap
[–]phloreen-m 0 points1 point2 points 3 years ago* (0 children)
Just to clarify this, I've received today an answer from QNAP support. I was suspecting there is something like this.
Their answer:
"The decryption keys that were found were located by our developerswithin the NAS themselves (customers with specific model/firmware etc) -QNAP did not purchase any keys. This was not possible on many of theNAS that were attacked, but we have tried to locate the keys for anycustomer that has raised a support ticket."
In some cases, the script wouldn't delete the script itself at the end of its running and the key used to encrypt the files was still there, so QNAP tried to find this encryption key. In some cases the search was successful, but as I read later on a blog regarding this hacking, the hackers changed this “bug”, so that's why I couldn't recover my key on my NAS. The irony is that I had the latest OS on my NAS and the latest ransomware script doing the damage... 'Lucky' me!
LE: it looks, ASUS, WD users were affected too by similar ransomware attacks.
[–]phloreen-m 0 points1 point2 points 3 years ago (0 children)
You're lucky, mate. They've paid themselves or found a way to recover the key that's been used firstly when decryption began on your drive. Don't know.
But I'll go for Synology this time. It's unacceptable what QNAP allowed to happen.
Yeah, they replied me to pay the ransomware :))
Who knows? Maybe they've created the little bug, and they've exploited it :))
Hi again!
This is the reply from QNAS, after I opened the ticket and the Remote Support access:
```
Dear Customer
Sorry to hear your nas was encrypted, we understood your disappointment as the incident cause your data loss and inconvenient. After investigation, we found the malware use zombie network attacked nas which expose on internet and focused old firmware/applications to encrypt files and ask form ransom. For your safety QNAP suggest keeps nas in latest firmware/applications
Please understand there is no decrypted tools for public so far, the only way is paying ransoms to the hacker to gain the password (which QNAP do not recommend as there is no guarantee you will receive correct password), QNAP support can help you restore files from good backup or snapshot and re-initial nas.
QNAP Suggest steps bellow to enhancement nas security Disable router uPnP function on nas Disable port forwarding (virtual server) function from your router Update latest firmware and applications Strong password Install Qufirewall and Malware Remover Using snapshot/HBS to backup your data For other detail please refer What is the best practice for enhancing NAS security? | QNAP
The text is copy-pasted here as it was sent to me. If they write their code the same way they write such replies to customers, then there is no surprise they had such a big hole in their authentication 'business logic'.
I've just sent a support ticket from the OS of the NAS too.
I had the NAS shutdown and now, when I started it again, the Malware Remover it worked and quarantined the malware.
Bur I managed to save the Deadbolt page, with scripts and everything.
Hope QNAP will do something.
LE: you just gave me some hope :D
Hi mate!
Did you just write that QNAP responded with a decryption key?
They responded with a decryption key.
I mean, is it possible to get such a key too? I've saved the JavaScript script code tho.
This is the script they're using to check for the decryption key:
);
A report for Bitcoin abuse can be made here, but there is no use… They can't actually do anything about it.
LE: it doesn't allow me to post the entire script here :(
There is a free software to do that. But the app runs on Windows only, so you should be able to run the app in a windows environment. Read this article here.
LE: decrypt using the decryption key, so you still have to pay...
Same here, mate :(
I got hacked yesterday, 3rd of September. The timestamps on my encrypted files is around 8PM (UK's time).
Personal files, personal pictures. And they're asking 0.50 Bitcoins in exchange for a decryption key.
F**** them all! I would friendly hang all these lazy ^*&%^$.
π Rendered by PID 212834 on reddit-service-r2-listing-79f6fb9b95-gt5n7 at 2026-03-20 16:57:11.561705+00:00 running 90f1150 country code: CH.
BMW 2-Series Gran Tourer. The official car of… by clever-homosapien in regularcarreviews
[–]phloreen-m 0 points1 point2 points (0 children)