Synology NAS servers plagued by Ransomware (updated)

Published by

Click here to post a comment for Synology NAS servers plagued by Ransomware (updated) on our message forum
#4887986
https://forums.guru3d.com/data/avatars/m/208/208453.jpg
Regardless the money extortion they seem to be very cordial, lool.
#4888000
data/avatar/default/avatar04.webp
Bastards! Just put a pair of 6TB Reds in mine, luckily I've not put all my data back and still have the data backed up, plus I switched it off this morning so we'll check it when I get home and see if it was infected! Did Synology infect the latest DSM on purpose I wonder πŸ˜€
#4888006
https://forums.guru3d.com/data/avatars/m/164/164785.jpg
No issues on any of mine - I suspect this has something to do with old DSMs.
#4888008
data/avatar/default/avatar31.webp
no issues on any of mine - i suspect this has something to do with old dsms.
yet!!!
#4888019
https://forums.guru3d.com/data/avatars/m/164/164785.jpg
Well, they are all offline now until we get some kind of clarification from Synology as to whether it is a security issue with an older DSM or a more current issue.
#4888049
data/avatar/default/avatar31.webp
I checked mine when not online and all ok, but now powered down! Fcuking scumbags, someone ought to track em' down and film them being shot!!
#4888052
https://forums.guru3d.com/data/avatars/m/164/164785.jpg
Yah, this kind of crap really pisses me off - jagovs πŸ™
#4888073
data/avatar/default/avatar07.webp
this is so misleading its borderline hilarious. it isnt synology's fault that the user hasn't secured their system / NAS sufficiently. EDIT: just read up about their E-Z software that opens it up to takeovers... thats BAAAAAAAAAD! block the ports ladies and gents, plug them holes!
#4888202
https://forums.guru3d.com/data/avatars/m/253/253999.jpg
I'm not a miner so not sure about this, but since they ask for the BTC to be sent to an address in the 1st step, why not just trace it?
#4888303
https://forums.guru3d.com/data/avatars/m/196/196284.jpg
this is so misleading its borderline hilarious. it isnt synology's fault that the user hasn't secured their system / NAS sufficiently. EDIT: just read up about their E-Z software that opens it up to takeovers... thats BAAAAAAAAAD! block the ports ladies and gents, plug them holes!
If there is a known security hole in Synology's software or firmware.....it is their fault..... They have a responsibility to patch any and all known security holes.
#4888351
https://forums.guru3d.com/data/avatars/m/254/254719.jpg
I'm not a miner so not sure about this, but since they ask for the BTC to be sent to an address in the 1st step, why not just trace it?
Im not an expert but I think you can't trace that πŸ˜›aranoid:
#4888355
https://forums.guru3d.com/data/avatars/m/252/252888.jpg
A**wipes, this is even worse than the recent mining "joke". 😑 This just a prime example of why the device config is sooo important. We've got a few customers who were also infected, luckily those were just "data storage", inmagine losing your backup and database... I hate working 12 hours + :P
#4888400
data/avatar/default/avatar34.webp
I'd guess it's businesses they are really targetting but home users get caught as well. Not everyone is a Security Expert and knows how to lock down ports, configure firewall rules or generate/import SSL certificates, that's not the knowledge you'd expect your average home user to possess, so to blame the user entirely is a bit unfair. There needs to be more education, Synology has a few tutorials: Secure your NAS over the Internet Secure your NAS with HTTPS But, if you don't need to access your NAS via the internet then just don't use port forwarding, don't put a gateway IP in it and block access to all IP's except your local LAN. This POST may help too, although again you unfortunately need to understand what you are doing πŸ™ plus it's written when DSM4 was out but same can apply to DSM5.