Synology NAS servers plagued by Ransomware

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Aug 4, 2014.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    48,392
    Likes Received:
    18,564
    GPU:
    AMD | NVIDIA
    Multiple users of a popular Synology NAS are complaining that their NAS unit was infected with Ransomware, encrypting their data rendering it as inaccessible. The malware called Synolocker encrypts al...

    Synology NAS servers plagued by Ransomware
     
  2. Vtech

    Vtech Member Guru

    Messages:
    135
    Likes Received:
    16
    GPU:
    MSI GTX1080
    Regardless the money extortion they seem to be very cordial, lool.
     
  3. BarryB

    BarryB Guest

    Messages:
    1,163
    Likes Received:
    10
    GPU:
    Palit SJS 780 in SLI
    Bastards! Just put a pair of 6TB Reds in mine, luckily I've not put all my data back and still have the data backed up, plus I switched it off this morning so we'll check it when I get home and see if it was infected! Did Synology infect the latest DSM on purpose I wonder :D
     
  4. BangTail

    BangTail Guest

    Messages:
    3,568
    Likes Received:
    1,099
    GPU:
    EVGA 2080 Ti XC
    No issues on any of mine - I suspect this has something to do with old DSMs.
     

  5. BarryB

    BarryB Guest

    Messages:
    1,163
    Likes Received:
    10
    GPU:
    Palit SJS 780 in SLI
    yet!!!
     
  6. BangTail

    BangTail Guest

    Messages:
    3,568
    Likes Received:
    1,099
    GPU:
    EVGA 2080 Ti XC
    Well, they are all offline now until we get some kind of clarification from Synology as to whether it is a security issue with an older DSM or a more current issue.
     
  7. BarryB

    BarryB Guest

    Messages:
    1,163
    Likes Received:
    10
    GPU:
    Palit SJS 780 in SLI
    I checked mine when not online and all ok, but now powered down! Fcuking scumbags, someone ought to track em' down and film them being shot!!
     
  8. BangTail

    BangTail Guest

    Messages:
    3,568
    Likes Received:
    1,099
    GPU:
    EVGA 2080 Ti XC
    Yah, this kind of crap really pisses me off - jagovs :(
     
  9. Enticles

    Enticles Guest

    Messages:
    242
    Likes Received:
    10
    GPU:
    Asus RTX 3070ti
    this is so misleading its borderline hilarious.

    it isnt synology's fault that the user hasn't secured their system / NAS sufficiently.

    EDIT: just read up about their E-Z software that opens it up to takeovers... thats BAAAAAAAAAD!

    block the ports ladies and gents, plug them holes!
     
    Last edited: Aug 4, 2014
  10. eXXon

    eXXon Guest

    Messages:
    42
    Likes Received:
    0
    GPU:
    GTX780 SLI
    I'm not a miner so not sure about this, but since they ask for the BTC to be sent to an address in the 1st step, why not just trace it?
     

  11. sykozis

    sykozis Ancient Guru

    Messages:
    22,492
    Likes Received:
    1,537
    GPU:
    Asus RX6700XT
    If there is a known security hole in Synology's software or firmware.....it is their fault..... They have a responsibility to patch any and all known security holes.
     
  12. benq

    benq Guest

    Messages:
    80
    Likes Received:
    0
    GPU:
    1
    Im not an expert but I think you can't trace that :paranoid:
     
  13. Twiddles

    Twiddles Maha Guru

    Messages:
    1,155
    Likes Received:
    11
    GPU:
    MSI 2080 2190-7550
    A**wipes, this is even worse than the recent mining "joke". :mad: This just a prime example of why the device config is sooo important. We've got a few customers who were also infected, luckily those were just "data storage", inmagine losing your backup and database... I hate working 12 hours + :p
     
  14. BarryB

    BarryB Guest

    Messages:
    1,163
    Likes Received:
    10
    GPU:
    Palit SJS 780 in SLI
    I'd guess it's businesses they are really targetting but home users get caught as well.

    Not everyone is a Security Expert and knows how to lock down ports, configure firewall rules or generate/import SSL certificates, that's not the knowledge you'd expect your average home user to possess, so to blame the user entirely is a bit unfair. There needs to be more education, Synology has a few tutorials:

    Secure your NAS over the Internet

    Secure your NAS with HTTPS

    But, if you don't need to access your NAS via the internet then just don't use port forwarding, don't put a gateway IP in it and block access to all IP's except your local LAN.

    This POST may help too, although again you unfortunately need to understand what you are doing :( plus it's written when DSM4 was out but same can apply to DSM5.
     

Share This Page