Synolocker attacks Synology NAS devices

Synolocker is an extremely dangerous ransomware infection that has recently attacked the network-attached storage (NAS) devices manufactured by a Taiwanese corporation named Synology Inc. The malicious threat has targeted Synology servers, and the corporation is advising affected users to immediately shutdown their servers in order to prevent further damage. The victims of the infection are also warned to be alert to the possibility of receiving spam emails under the name of Synology.

Synolocker has attacked the DMS 4.3 version and prior, which is Synology’s operating system, and, according to the latest analysis provided by Synolocker, the news DMS 5.0 version is not vulnerable.

Synolocker is a file encrypting infection, which is similar to Cryptolocker due to the choices of encryption algorithms and their parameters. The infection is capable of encrypting a range of files, including formats such as .bay, .kd, .dng, .text, .php, and many others.

Once files have been encrypted, Synolocker presents the user with a ransom warning which instructs the victim to download and install the Tor Browser and access a certain website, which works using only the browser mentioned.

In order to decrypt files, the user is required to pay a sum of a 0.6 Bitcoins (approximately $350 USD). After paying the money required, the victim should be provided with a decryption key, which has to be pasted into the ransom box in order to have the files decrypted. However, it is important to note that there is no guarantee that the attackers behind the Synolocker malware are willing to restore users’ access to their data.

The Synolocker malware also provides the victims with a customer support web page where they can get information concerning the so-called ransom and money transaction.

If you have noticed that your device is not working properly or you know that it is infected with Synolocker, you should disconnect the machine from the Internet and contact the manufacturer in order to get some guidelines on how to update your DMS. In case the computer has not been compromised, you should upgrade to the latest DMS to prevent damage.

In general, there are two ways to update DMS. First, you can go to Control Panel and select DMS Update, or download an update manually from the download center http://www.synology.com/support/download.