Ransomware attacks Synology NAS devices

Summary: "SynoLocker" malware infects devices through a vulnerability in older versions of Synology's NAS software. The attack demands 0.6 BitCoins (about $350) to decrypt files.

Topics: Security, Storage

Synology has confirmed user reports that some of its DiskStation devices are being taken over by a ransomware attack. The attack replaces the DSM management software on the NAS, encrypts the files on the device, and demands that the user pay 0.6 BitCoins to retrieve the files.

A Synology spokesperson told ZDNet that "Synology is fully dedicated to investigating this issue and possible solutions. Based on our current observations, this issue only affects Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier), by exploiting a security vulnerability that was fixed and patched in December, 2013. At present, we have not observed this vulnerability in DSM 5.0."

Synology adds that it will make an announcement in its official forums and on social media to help users mitigate the issue.

NAS devices are typically headless (i.e. without a display) dedicated file servers, usually running Linux. They are reachable over the network like any other Linux device, and programming one need not require intimate knowledge of the applications running on it.

Synology recommends that users who encounter this problem shut the device down immediately and contact the Synology support team.

For users who have not encountered the problem, Synology recommends updating to DSM 5.0 or to one of these fixed versions:

  • For DSM 4.3, please install DSM 4.3-3827 or later
  • For DSM 4.1 or DSM 4.2, please install DSM 4.2-3243 or later
  • For DSM 4.0, please install DSM 4.0-2259 or later

DSM can be updated by going to Control Panel > DSM Update. Users can also manually download and install the latest version from the Synology Download Center.
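For anyone tracking more than one device, the fixed-version list above can be turned into an inventory check. The following is an added example, not code from Synology or from the article; the key="value" input layout, the host names, and the sample versions are constructed assumptions.

```python
import re

# Minimum fixed build per DSM branch, from the list in the article.
FIXED_BUILD = {(4, 3): 3827, (4, 2): 3243, (4, 0): 2259}

VERSION_RE = re.compile(r"(\d+)\.(\d+)-(\d+)")           # e.g. "DSM 4.3-3810"
KEYVAL_RE = re.compile(r'^(\w+)="?([^"\n]*)"?$', re.M)   # e.g. buildnumber="3810"

def parse_version(text):
    """Return (major, minor, build) from a 'DSM 4.3-3810' style string or from
    key="value" lines (majorversion/minorversion/buildnumber; assumed layout)."""
    kv = dict(KEYVAL_RE.findall(text))
    if "buildnumber" in kv:
        try:
            return tuple(int(kv[k]) for k in
                         ("majorversion", "minorversion", "buildnumber"))
        except (KeyError, ValueError):
            raise ValueError(f"incomplete DSM version record: {text!r}")
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised DSM version: {text!r}")
    return tuple(int(x) for x in m.groups())

def assess(text):
    """'ok' = at or above the recommended version, 'update' = below it,
    'unlisted' = a branch the article's list does not cover."""
    major, minor, build = parse_version(text)
    if major >= 5:
        return "ok"          # DSM 5.0 is the recommended target
    if (major, minor) == (4, 1):
        return "update"      # the fix for 4.1 ships only as DSM 4.2-3243 or later
    fixed = FIXED_BUILD.get((major, minor))
    if fixed is None:
        return "unlisted"
    return "ok" if build >= fixed else "update"

def triage(inventory):
    """Map each host name to its assessment."""
    return {host: assess(version) for host, version in inventory.items()}

# Constructed inventory: host names and versions are illustrative only.
SAMPLE_INVENTORY = {
    "nas-office": "DSM 4.3-3810",
    "nas-backup": "DSM 4.2-3243",
    "nas-lab": 'majorversion="4"\nminorversion="0"\nbuildnumber="2198"\n',
    "nas-new": "DSM 5.0-4493",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```
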


Talkback

12 comments
  • Slack Administration

    No 1 security rule, check and apply patches when available.
    Alan Smithie
    • You can say that again

      Sorry - couldn't resist.
      Luke Skywalker
      • Say it twice

        Then the message might get home :)
        Alan Smithie
  • Slack Administration

    No 1 security rule, check and apply patches when available.
    Alan Smithie
  • No 2 security rule

    Do not use appliances based on Linux?
    honeymonster
    • The issue in the article has nothing

      to do with Linux. Nothing...

      FTFY!
      daikon
    • No3 Security Rule

      Don't take security advice from a Windows user.
      Alan Smithie
    • Research much?

      Most of the routers you encounter on a daily basis are built on a Linux kernel of some flavor. Cisco seems to be the biggest one that doesn't use it, but most of the other big ones do.
      rshores
  • No 2 security rule

    He can't help himself. Just another low I.Q., know nothing Linux basher. Doesn't know that most Internet appliances run Linux or BSD.
    Denny Fry
    • Time problems

      I notice on my last comment, the date and time say 6 August, 2014 01:11. Here and now in my time it is 5 August 2014 20:11 or 8:11 P.M.. Why the 5 hour difference?
      Denny Fry
      • Not everywhere on earth has the same time

        Consider that the time may be set to London
        Larry Seltzer
  • Hmmmm

    I keep reading from Linux fanboys that they worry about malware?
    ReadandShare