Earlier there were some reports that several Synology Disktation devices are having a a ransomware attack. Successful attacks resulted in DSM management software overwrite and files encryptions. Furthermore, users are asked to pay ransom of 0.6 BitCoins to retrieve the files.
Synology envoy said: “Synology is fully dedicated to investigating this issue and possible solutions. Based on our current observations, this issue only affects Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier), by exploiting a security vulnerability that was fixed and patched in December, 2013. At present, we have not observed this vulnerability in DSM 5.0.”
Synology promised that they will release announcements on forums and social media networks with tips for users on how to solve this problem.
Most of NAS devices are dedicated file servers with Linux OS and with no display. Those devices are controlled over the common network and a huge knowledge is needed to control processes that run on servers. Synology advise users that have encountered this problem to shut down the device immediately and reach out to the Synology support team for the assistance.
If no problems were indicated, it is recommended to update DSM 5.0 or other fixed versions:
•For DSM 4.3, please install DSM 4.3-3827 or later
•For DSM 4.1 or DSM 4.2, please install DSM 4.2-3243 or later
•For DSM 4.0, please install DSM 4.0-2259 or later
