Synology – SynoLocker Notice

0
Synology DS414slim front
Synology DS414slim front
STH has many users that are running Synology NAS units. There is a serious security vulnerability that Synology users should be aware of. There is a live CryptoLocker hack called SynoLocker out in the wild. SynoLocker is a BitCoin mining hack that encrypts portions of data. The hack then ransoms the decryption key for .6 BitCoin (which is about $350.) Currently the vulnerability is targeting DSM 4.3. Perhaps the most troubling facet about the vulnerability is that is is an attack launched against Internet facing Synology units. The best advice here is really to ensure that the Synology unit is not available via the Internet for the time being and get on the latest DSM versions.
Synology sent their advice:

[tabgroup][tab title=”Advice from Synology regarding SynoLocker”]

…we are asking people to take the following precautions:

A. Close all open ports for external access as soon as possible, and/or unplug your Disk/RackStation from your router

B. Update DSM to the latest version

C. Backup your data as soon as possible

D. Synology will provide further information as soon as it is available.

If your NAS has been infected:

A. Do not trust/ignore any email from unauthorized/non-genuine Synology email. Synology email always has the “synology.com” address suffix.

B. Do a hard shutdown of your Disk/RackStation to prevent any further issues. This entails a long-press of your unit’s power button, until a long beep has been heard. The unit will shut itself down safely from that point.

C. Contact Synology Support as soon as possible at, http://www.synology.com/en-global/support/knowledge_base

[/tab][/tabgroup]

I would expect Synology to have a more robust response and patches over the next few days. If you are a Synology user, it is strongly suggested that you follow the company’s response to this SynoLocker vulnerability.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.