Ransomware Attacks Synology’s NAS line
Synology’s network attached storage (NAS) devices have been hacked and their data is held ransom for 0.6 Bitcoins, according to a Facebook post by the company, which manufactures NAS appliances.
Owners of Synology’s NAS devices reported finding a message by a so-called “SynoLocker Automated Decryption Service” when trying to access the homepage of their NAS device.
The message states that “all important files on this NAS have been encrypted using strong cryptography” and asks for the value of 0.6 Bitcoins to unlock the encrypted files. The hackers urge the victims to transfer the amount by accessing a specific link within the Tor browser. Once the transaction is complete, the user will allegedly receive a decryption key to recover the data.
“Based on our current observations, this issue only affects Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier), by exploiting a security vulnerability that was fixed and patched in December, 2013,” the company announced on its forum. “At present, we have not observed this vulnerability in DSM 5.0.”
The company recommends affected users power off their DiskStation services and contact the support department for help. Preventative measures include closing all open ports for external access and backing up sensitive data.
The new attack on Synology comes months after Synology NAS devices were struck by fraudulent Bitcoin mining operators.
Synology Inc. is a Taiwanese corporation founded in 2000 which specializes in network attached storage (NAS) appliances. Synology’s line of NASs is known as the DiskStation for desktop models and RackStation for rack-mount models.