Guru3D.com Forums

Go Back   Guru3D.com Forums > General Chat > Frontpage news
Frontpage news Perhaps you have some news to report or want to check out the latest Guru3D headlines and comment ? Check it in here.


Reply
 
Thread Tools Display Modes
Synology NAS servers plagued by Ransomware
Old
  (#1)
Hilbert Hagedoorn
Don Vito Corleone
 
Hilbert Hagedoorn's Avatar
 
Videocard: AMD | NVIDIA
Processor: Core i7 4770K
Mainboard: Z77
Memory: 8GB
Soundcard: X-Fi - GigaWorks 7.1
PSU: 1200 Watt
Default Synology NAS servers plagued by Ransomware - 08-04-2014, 14:06 | posts: 21,292 | Location: Guru3D testlab

Multiple users of a popular Synology NAS are complaining that their NAS unit was infected with Ransomware, encrypting their data rendering it as inaccessible. The malware called Synolocker encrypts al...

Synology NAS servers plagued by Ransomware
   
Reply With Quote
 
Old
  (#2)
Vtech
Member Guru
 
Vtech's Avatar
 
Videocard: Asus GTX 560Ti DiCUII OC
Processor: Intel i5-4670K
Mainboard: MSI Z87-G43
Memory: 16GB Kingston Beast
Soundcard: X-Fi Extreme Gammer
PSU: PC Power & Cooling 610W
Default 08-04-2014, 14:28 | posts: 76 | Location: Portugal

Regardless the money extortion they seem to be very cordial, lool.
   
Reply With Quote
Old
  (#3)
BarryB
Maha Guru
 
Videocard: Palit Super Jetstream 780
Processor: i7 4770K + Kraken X60
Mainboard: ASUS SABERTOOTH-Z87 1405
Memory: 16GB Corsair Vengeance
Soundcard: Onboard Realtek ALC1150
PSU: Corsair AX1200 1200w
Default 08-04-2014, 14:55 | posts: 830

Bastards! Just put a pair of 6TB Reds in mine, luckily I've not put all my data back and still have the data backed up, plus I switched it off this morning so we'll check it when I get home and see if it was infected! Did Synology infect the latest DSM on purpose I wonder
   
Reply With Quote
Old
  (#4)
ethne
Maha Guru
 
Videocard: 3xEVGA 980 SC/U28D590Dx2
Processor: Intel i7 5960X @ 4.4/H110
Mainboard: EVGA X99 Classified
Memory: 32GB GSKILL DDR4 @ 2666
Soundcard: SB ZxR
PSU: Antec HCP-1300 PSU
Default 08-04-2014, 15:02 | posts: 1,588 | Location: US

No issues on any of mine - I suspect this has something to do with old DSMs.
   
Reply With Quote
 
Old
  (#5)
BarryB
Maha Guru
 
Videocard: Palit Super Jetstream 780
Processor: i7 4770K + Kraken X60
Mainboard: ASUS SABERTOOTH-Z87 1405
Memory: 16GB Corsair Vengeance
Soundcard: Onboard Realtek ALC1150
PSU: Corsair AX1200 1200w
Default 08-04-2014, 15:04 | posts: 830

Quote:
Originally Posted by ethne View Post
no issues on any of mine - i suspect this has something to do with old dsms.
yet!!!
   
Reply With Quote
Old
  (#6)
ethne
Maha Guru
 
Videocard: 3xEVGA 980 SC/U28D590Dx2
Processor: Intel i7 5960X @ 4.4/H110
Mainboard: EVGA X99 Classified
Memory: 32GB GSKILL DDR4 @ 2666
Soundcard: SB ZxR
PSU: Antec HCP-1300 PSU
Default 08-04-2014, 15:19 | posts: 1,588 | Location: US

Well, they are all offline now until we get some kind of clarification from Synology as to whether it is a security issue with an older DSM or a more current issue.
   
Reply With Quote
Old
  (#7)
BarryB
Maha Guru
 
Videocard: Palit Super Jetstream 780
Processor: i7 4770K + Kraken X60
Mainboard: ASUS SABERTOOTH-Z87 1405
Memory: 16GB Corsair Vengeance
Soundcard: Onboard Realtek ALC1150
PSU: Corsair AX1200 1200w
Default 08-04-2014, 16:34 | posts: 830

I checked mine when not online and all ok, but now powered down! Fcuking scumbags, someone ought to track em' down and film them being shot!!
   
Reply With Quote
Old
  (#8)
ethne
Maha Guru
 
Videocard: 3xEVGA 980 SC/U28D590Dx2
Processor: Intel i7 5960X @ 4.4/H110
Mainboard: EVGA X99 Classified
Memory: 32GB GSKILL DDR4 @ 2666
Soundcard: SB ZxR
PSU: Antec HCP-1300 PSU
Default 08-04-2014, 16:44 | posts: 1,588 | Location: US

Yah, this kind of crap really pisses me off - jagovs
   
Reply With Quote
Old
  (#9)
Enticles
Member Guru
 
Videocard: Sapphire Radeon 7970 3GB
Processor: AMD FX-8350 @ 4.5Ghz
Mainboard: Gigabyte-UD3-990FX
Memory: DDR3 32GB 1866mhz
Soundcard: Logitech G35 Headset
PSU: Corsair M600
Default 08-04-2014, 17:30 | posts: 71 | Location: Yellowknife, Northwest Territories

this is so misleading its borderline hilarious.

it isnt synology's fault that the user hasn't secured their system / NAS sufficiently.

EDIT: just read up about their E-Z software that opens it up to takeovers... thats BAAAAAAAAAD!

block the ports ladies and gents, plug them holes!

Last edited by Enticles; 08-04-2014 at 17:41.
   
Reply With Quote
Old
  (#10)
eXXon
Newbie
 
eXXon's Avatar
 
Videocard: GTX780 SLI
Processor: 3930K(4.75GHz@1.43v)
Mainboard: BigBang II
Memory: 4GBx8 1600 C9 ARES
Soundcard: Creative X-Fi Titanium
PSU: MK-III Silencer 1200W
Default 08-04-2014, 21:54 | posts: 33 | Location: Riyadh

I'm not a miner so not sure about this, but since they ask for the BTC to be sent to an address in the 1st step, why not just trace it?
   
Reply With Quote
 
Old
  (#11)
sykozis
Ancient Guru
 
sykozis's Avatar
 
Videocard: Radeon R7 240
Processor: AMD Athlon 5350
Mainboard: Asus AM1M-A
Memory: 8gb G.Skill DDR3-1866
Soundcard: Creative SB X-Fi Go!
PSU: Unk 300watt
Default 08-05-2014, 02:14 | posts: 16,583 | Location: US East Coast

Quote:
Originally Posted by Enticles View Post
this is so misleading its borderline hilarious.

it isnt synology's fault that the user hasn't secured their system / NAS sufficiently.

EDIT: just read up about their E-Z software that opens it up to takeovers... thats BAAAAAAAAAD!

block the ports ladies and gents, plug them holes!
If there is a known security hole in Synology's software or firmware.....it is their fault..... They have a responsibility to patch any and all known security holes.


   
Reply With Quote
Old
  (#12)
benq
Member Guru
 
benq's Avatar
 
Videocard: Nvidia 450 gts
Processor: i7 3930K
Mainboard: GA-X79-UP4
Memory: 16GB 1600Mhz
Soundcard:
PSU: 650W
Default 08-05-2014, 07:12 | posts: 54

Quote:
Originally Posted by eXXon View Post
I'm not a miner so not sure about this, but since they ask for the BTC to be sent to an address in the 1st step, why not just trace it?
Im not an expert but I think you can't trace that
   
Reply With Quote
Old
  (#13)
Twiddles
Master Guru
 
Twiddles's Avatar
 
Videocard: AMD 280X (7970) 1265/1725
Processor: FX 8350 5Ghz -Nepton 280L
Mainboard: Gigabyte 990FX-UD3 rev 4
Memory: Vengeance Pro 32GB 1866
Soundcard: Essence STX & AKG K702
PSU: XFX PRO850W Core Edition
Default 08-05-2014, 07:35 | posts: 208 | Location: Netherlands, Langerak ZH

A**wipes, this is even worse than the recent mining "joke". This just a prime example of why the device config is sooo important. We've got a few customers who were also infected, luckily those were just "data storage", inmagine losing your backup and database... I hate working 12 hours +
   
Reply With Quote
Old
  (#14)
BarryB
Maha Guru
 
Videocard: Palit Super Jetstream 780
Processor: i7 4770K + Kraken X60
Mainboard: ASUS SABERTOOTH-Z87 1405
Memory: 16GB Corsair Vengeance
Soundcard: Onboard Realtek ALC1150
PSU: Corsair AX1200 1200w
Default 08-05-2014, 09:53 | posts: 830

I'd guess it's businesses they are really targetting but home users get caught as well.

Not everyone is a Security Expert and knows how to lock down ports, configure firewall rules or generate/import SSL certificates, that's not the knowledge you'd expect your average home user to possess, so to blame the user entirely is a bit unfair. There needs to be more education, Synology has a few tutorials:

Secure your NAS over the Internet

Secure your NAS with HTTPS

But, if you don't need to access your NAS via the internet then just don't use port forwarding, don't put a gateway IP in it and block access to all IP's except your local LAN.

This POST may help too, although again you unfortunately need to understand what you are doing plus it's written when DSM4 was out but same can apply to DSM5.
   
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
vBulletin Skin developed by: vBStyles.com
Copyright (c) 1995-2014, All Rights Reserved. The Guru of 3D, the Hardware Guru, and 3D Guru are trademarks owned by Hilbert Hagedoorn.