How to protect
Last weekend NAS Synology had contact with a trojan, named SynoLocker. This trojan locks all data on the device, and ask for a ransom to decrypt them, while complitely blocking the access to the DSM. Synology is working on it, and in the meantime is telling its users what's the best way to protect themselves from it.
Copying CryptoLocker, the new SynoLocker went right after NAS Synology, exploiting a loophole that was fixed in December 2013. For example, the DSM 5.0 based devices won't have any problem since they can't be attacked like that.
For those who use the 4.3-3810 version or earlier, you will have to be aware about a few things. If you have any kind of doubt, or you find the "synosync" process, or you are not able to update the system to a new version, you are kindly invited to turn off the device and contact Synology technical support.
For those who are not infected, the solution is simple. You must update your system, preferably to DSM 5.0, but if you are using DSM 4.0 you can settle for DSM 4.0-2259 which is enough to fix the issue: for those running on DSM 4.1 or 4.2, you should update at least to DSM 4.2-3243 to be safe, while those using DSM 4.3 should use DSM 4.3-3827. These are the safe versions of DSM that can't be attacked by the trojan.
For those already infected, you can retrieve your DSM 5.0 to start up the NAS again. Unfortunately there are no solutions to retrieve the crypted data, and we are still waiting for Synology to talk about a solution.
Source: Le Comptoir du Hardware.
Copying CryptoLocker, the new SynoLocker went right after NAS Synology, exploiting a loophole that was fixed in December 2013. For example, the DSM 5.0 based devices won't have any problem since they can't be attacked like that.
For those who use the 4.3-3810 version or earlier, you will have to be aware about a few things. If you have any kind of doubt, or you find the "synosync" process, or you are not able to update the system to a new version, you are kindly invited to turn off the device and contact Synology technical support.
For those who are not infected, the solution is simple. You must update your system, preferably to DSM 5.0, but if you are using DSM 4.0 you can settle for DSM 4.0-2259 which is enough to fix the issue: for those running on DSM 4.1 or 4.2, you should update at least to DSM 4.2-3243 to be safe, while those using DSM 4.3 should use DSM 4.3-3827. These are the safe versions of DSM that can't be attacked by the trojan.
For those already infected, you can retrieve your DSM 5.0 to start up the NAS again. Unfortunately there are no solutions to retrieve the crypted data, and we are still waiting for Synology to talk about a solution.
Source: Le Comptoir du Hardware.
News by Luca Rocchi and Marc Büchel - German Translation by Paul Görnhardt - Italian Translation by Francesco Daghini
Previous article - Next article
comments powered by Disqus
comments powered by Disqus