Synology NAS servers have been hit by malware that encrypts files and demands a ransom to unlock them.
The issue seems to only affect Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier).
The malware, called SynoLocker, exploits a security vulnerability that was fixed in December 2013.
Synology has confirmed that it has not observed this vulnerability in DSM 5.0 and is urging users who have not been affected yet to download and install a new version as soon as possible to prevent the issue.
For DSM 4.3, users need to install DSM 4.3-3827 or later. For DSM 4.1 or DSM 4.2 users need to install DSM 4.2-3243 or later. And for DSM 4.0 users need to install DSM 4.0-2259 or later.
DSM can be updated by going to Control Panel > DSM Update. Users can also manually download and install the latest version from our Download Center here: http://www.synology.com/support/download.
If users have noticed that when attempting to log in to DSM a screen appears informing them that data has been encrypted and a fee is required, if they notice a process called ‘synosync’ running in Resource Monitor, or if they system is saying is has the latest version of DSM when the user knows it doesn’t, Synology advises they shutdown their system and contact the firm’s support team at https://myds.synology.com/support/support_form.php.
“We sincerely apologise for any problems or inconvenience this issue has caused our users,” said Synology in an official statement.
“If users notice any strange behaviour or suspect their Synology NAS server has been affected by the above issue, we encourage them to contact us at firstname.lastname@example.org where a dedicated team will look into their case.”