Synology NAS servers plagued by Ransomware (updated)
Click here to post a comment for Synology NAS servers plagued by Ransomware (updated) on our message forum
Vtech
Regardless the money extortion they seem to be very cordial, lool.
BarryB
Bastards! Just put a pair of 6TB Reds in mine, luckily I've not put all my data back and still have the data backed up, plus I switched it off this morning so we'll check it when I get home and see if it was infected! Did Synology infect the latest DSM on purpose I wonder π
BangTail
No issues on any of mine - I suspect this has something to do with old DSMs.
BarryB
BangTail
Well, they are all offline now until we get some kind of clarification from Synology as to whether it is a security issue with an older DSM or a more current issue.
BarryB
I checked mine when not online and all ok, but now powered down! Fcuking scumbags, someone ought to track em' down and film them being shot!!
BangTail
Yah, this kind of crap really pisses me off - jagovs π
Enticles
this is so misleading its borderline hilarious.
it isnt synology's fault that the user hasn't secured their system / NAS sufficiently.
EDIT: just read up about their E-Z software that opens it up to takeovers... thats BAAAAAAAAAD!
block the ports ladies and gents, plug them holes!
eXXon
I'm not a miner so not sure about this, but since they ask for the BTC to be sent to an address in the 1st step, why not just trace it?
sykozis
benq
Twiddles
A**wipes, this is even worse than the recent mining "joke". π‘ This just a prime example of why the device config is sooo important. We've got a few customers who were also infected, luckily those were just "data storage", inmagine losing your backup and database... I hate working 12 hours + :P
BarryB
I'd guess it's businesses they are really targetting but home users get caught as well.
Not everyone is a Security Expert and knows how to lock down ports, configure firewall rules or generate/import SSL certificates, that's not the knowledge you'd expect your average home user to possess, so to blame the user entirely is a bit unfair. There needs to be more education, Synology has a few tutorials:
Secure your NAS over the Internet
Secure your NAS with HTTPS
But, if you don't need to access your NAS via the internet then just don't use port forwarding, don't put a gateway IP in it and block access to all IP's except your local LAN.
This POST may help too, although again you unfortunately need to understand what you are doing π plus it's written when DSM4 was out but same can apply to DSM5.