Slashdot Mirror

← Back to Stories (view on slashdot.org)

Synolocker 0-Day Ransomware Puts NAS Files At Risk

Posted by Unknown on from the you-have-an-offsite-backup-right? dept.

Deathlizard (115856) writes "Have a Synology NAS? Is it accessible to the internet? If it is, You might want to take it offline for a while. Synolocker is a 0-day ransomware that once installed, will encrypt all of the NAS's files and hold them for ransom just like Cryptolocker does for windows PC's. The Virus is currently exploiting an unknown vulnerability to spread. Synology is investigating the issue."

7 of 150 comments (clear)

  1. This is how we learn by Anonymous Coward · · Score: 5, Insightful

    not to connect your NAS directly to the internet.

    1. Re:This is how we learn by jonwil · · Score: 4, Insightful

      It should be attached to a network fire-walled off from the Internet and only accessible if you are on the local LAN.

    2. Re:This is how we learn by rikkards · · Score: 4, Insightful

      Kind of defeats the cloud feature on Synology NAS doesn't it? Granted you should have it firewalled off except for the specific port it needs.

    3. Re:This is how we learn by spacefight · · Score: 4, Insightful

      What if the attack surface is the "port it needs"?

    4. Re:This is how we learn by Anonymous Coward · · Score: 2, Insightful

      Yes.

  2. Re:Nuke it from orbit, then restore from backups. by Noughmad · · Score: 3, Insightful

    Backup? What do people usually use NAS for, I always thought it's mostly for ripped/torrented movies and backups of other computers. Neither of these need backups.

    --
    PlusFive Slashdot reader for Android. Can post comments.
  3. Re:Cheeky bastards by drinkypoo · · Score: 3, Insightful

    I have a real hard time respecting that copyright...

    And yet you are still required by law to respect it, even though the act of creating and disseminating that code is illegal.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"