Storage Guide

Update your Synology NAS to avoid attacks from “SynoLocker" ransomware

Update your Synology NAS to avoid attacks from “SynoLocker" ransomware

It is confirmed that Synology NAS servers running older versions of DiskStation Manager (DSM) are being targeted by a ransomware known as "SynoLocker," which exploits two vulnerabilities that were fixed in November and December, 2013, respectively. At that time, Synology released security updates and notified users to update via various channels.

Common Symptoms

Affected users may encounter one of the following symptoms:

  • When attempting to log in to DSM, a screen appears informing users that their data has been encrypted and a fee is required to unlock data.
  • Abnormally high CPU usage or a running process called "synosync" (which can be checked at Main Menu > Resource Monitor).
  • DSM 4.3-3810 or earlier; DSM 4.2-3236 or earlier; DSM 4.1-2851 or earlier; DSM 4.0-2257 or earlier is installed, but the system says no updates are available at Control Panel > DSM Update.

 

Synology's Suggestion

For users who have encountered the above symptoms, please shutdown the system immediately to avoid more files from being encrypted and contact our technical support to confirm whether the system is infected. Please note Synology is unable to decrypt files that have already been encrypted.

If you happen to possess a backup copy of your files (or there are no critical files stored on your DiskStation), Synology recommends following the below steps to reset your DiskStation and re-install DSM. However, resetting the DiskStation removes the information required for decryption, so encrypted files cannot be decrypted afterward.

For other users who have not encountered the above symptoms, Synology strongly recommends downloading and installing DSM 5.0, or any version below:

  • DSM 4.3-3827 or later
  • DSM 4.2-3243 or later
  • DSM 4.0-2259 or later
  • DSM 3.x or earlier is not affected

Users can also manually download the latest version from Synology's Download Center and install it at Control Panel > DSM Update > Manual DSM Update.

If you notice your DiskStation behaving suspiciously even after being upgraded to the latest DSM version, contact security@synology.com.

All Reponses

Please login to comment or register here.
No Comments currently, be the first to roll the ball.

All News Categories