« Microsoft releases Office for iPad version update 1.1 | Main | Should you worry about the report of 1.2billion passwords stolen by Russian Hackers? »
Friday
Aug082014

IoSafe - SynLocker Ransomware Alert

DateFriday, August 8, 2014 at 1:08PM

An alert has gone out from IoSafe warning against a possible situation that could harm your IoSafe installations. Check to see if you have a unit that might be affected. An upgrade to their DSM software. See information below:

We would like to inform you that a ransomware called "SynoLocker" is currently affecting some ioSafe/Synology NAS users. This ransomware locks down affected servers, encrypts users’ files, and demands a fee to regain access to the encrypted files.

We have confirmed that the ransomware only affects ioSafe/Synology NAS servers running older versions of DiskStation Manager by exploiting a security vulnerability that was fixed and patched in December, 2013.

Affected users may encounter the following symptoms:

  • When attempting to log in to DSM, a screen appears informing users that data has been encrypted and a fee is required to unlock data.
  • Abnormally high CPU usage or a running process called “synosync” (which can be checked at Main Menu > Resource Monitor).
  • DSM 4.3-3810 or earlier; DSM 4.2-3236 or earlier; DSM 4.1-2851 or earlier; DSM 4.0-2257 or earlier is installed, but the system says no updates are available at Control Panel > DSM Update.

If you have encountered the above symptoms, please shutdown the system immediately and contact our technical support here: https://myds.synology.com/support/support_form.php

If you have not encountered the above symptoms, we strongly recommend downloading and installing DSM 5.0, or any version below:

  • DSM 4.3-3827 or later
  • DSM 4.2-3243 or later
  • DSM 4.0-2259 or later
  • DSM 3.x or earlier is not affected

You can manually download the latest version from our Download Center and install it at Control Panel > DSM Update > Manual DSM Update.

If you notice any strange behavior or suspect your ioSafe/Synology NAS server has been affected by the above issue, please contact us at security@synology.com. We sincerely apologize for any problems or inconvenience this issue has caused our users. We’ll keep you updated with the latest information as we continue to address this issue.

AuthorBob Appleby | CommentPost a Comment |
in , ,

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.