/>
X

Ransomware attacks Synology NAS devices

"SynoLocker" malware infects through a vulnerability in older versions of their NAS software. The attack demands 0.6 BitCoins (about $350) to decrypt files.
larry-seltzer-thumb.jpg
Written by Larry Seltzer, Contributing Editor on

Synology has confirmed user reports that some of their Diskstation devices are being taken over by a ransomware attack. The attack replaces the DSM management software on the NAS, encrypts the files on the device and demands that the user pay 0.6 BitCoins to retrieve the files.

A Synology spokesperson told ZDNet that "Synology is fully dedicated to investigating this issue and possible solutions. Based on our current observations, this issue only affects Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier), by exploiting a security vulnerability that was fixed and patched in December, 2013. At present, we have not observed this vulnerability in DSM 5.0."

Synology adds that they will make an announcement in Synology official forums and our social media to help our users mitigate the issue.

NAS devices are typically headless (i.e. without a display) dedicated file servers, usually running Linux. They are reachable over the network like any other Linux device and programming the system need not require much intimate knowledge of the applications running on it.

Synology recommends to users who encounter this problem that they shut the device down immediately and contact the Synology support team.

Users who have not encountered the problem, they recommend updating to DSM 5.0, or any of these fixed versions:

  • For DSM 4.3, please install DSM 4.3-3827 or later
  • For DSM 4.1 or DSM 4.2, please install DSM 4.2-3243 or later
  • For DSM 4.0, please install DSM 4.0-2259 or later

DSM can be updated by going to Control Panel > DSM Update. Users can also manually download and install the latest version from the Synology Download Center.

Related

Delta Air Lines just made an embarrassing announcement (you may be livid)
screen-shot-2022-06-22-at-3-50-54-pm.png

Delta Air Lines just made an embarrassing announcement (you may be livid)

Business
This stuff is better than compressed air for cleaning your dirty tech
img-6864

This stuff is better than compressed air for cleaning your dirty tech

Office Hardware & Appliances
Linus Torvalds is cautiously optimistic about bringing Rust into Linux kernel's next release
rusty gears

Linus Torvalds is cautiously optimistic about bringing Rust into Linux kernel's next release

Enterprise Software