DIY Photography


Synolocker ‘Service’ Demands 0.6 Bitcoin To Decrypt Your Photos

Aug 4, 2014 by Udi Tirosh


Any system has its vulnerabilities. But as we get more and more connected, we sometimes expose ourselves to new threats that did not exist before. Many times on this site (and others) we have recommended backing up your photos to a safe location. One of the more popular solutions is the Synology DiskStation.

k.salo at the Synology forums reports that his DiskStation was hacked by ransomware, that his files were encrypted, and that he is being told to pay 0.6 bitcoins to restore the system.

My Diskstation got hacked last night. When I open the main page on the webserver I get a message that SynoLocker has started encrypting my files and that I have to go to a specific address on Tor network to get the files unlocked. It will cost 0.6 BitCoins. It encrypts file by file. Therefore I started to copy my most important files to another disk while encryption was in progress on other files. After the most important files were copied I turned off my disk.

Quick math shows that 0.6 bitcoins are about $350. The attackers are maliciously hiding their operations in the Tor network, which means that their identities are completely hidden.

As salo notes, there is a way out if you catch it at an early stage, as the encryption works file by file. You can copy the critical files and shut the station down until a solution is found.

Twitter user Mike Evangelist shows the terrifying screen that you see if you’ve been infected:

https://twitter.com/MikeEvangelist/status/495970097497128960

https://twitter.com/MikeEvangelist/status/495977117843484672

It seems that the team over at Synology is aware of the issue and is seeking solutions. In the meantime it may be a good idea to disconnect any DiskStation from the network.

While it is not clear how the DiskStation was compromised, current research points to SynoLocker being a variant of Cryptolocker, a ransomware causing headaches to millions worldwide. This is another reminder of the risks we take when we embrace new technologies.

We have contacted Synology and will update with any new info.

[via slashgear]

UPDATE: Synology reports that this malware only affects older versions of the firmware, and recommends upgrading ASAP. They also provide instructions for safekeeping your station:

 
Synology is fully dedicated to investigating this issue and possible solutions. Based on our current observations, this issue only affects Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier), by exploiting a security vulnerability that was fixed and patched in December, 2013. At present, we have not observed this vulnerability in DSM 5.0.

For Synology NAS servers running DSM 4.3-3810 or earlier, and if users encounter any of the below symptoms, we recommend they shut down their system and contact our technical support team here: https://myds.synology.com/support/support_form.php:
  • When attempting to log in to DSM, a screen appears informing users that data has been encrypted and a fee is required to unlock data.
  • A process called “synosync” is running in Resource Monitor.
  • DSM 4.3-3810 or earlier is installed, but the system says the latest version is installed at Control Panel > DSM Update.

For users who have not encountered any of the symptoms stated above, we highly recommend downloading and installing DSM 5.0, or any version below:

  • For DSM 4.3, please install DSM 4.3-3827 or later
  • For DSM 4.1 or DSM 4.2, please install DSM 4.2-3243 or later
  • For DSM 4.0, please install DSM 4.0-2259 or later

DSM can be updated by going to Control Panel > DSM Update. Users can also manually download and install the latest version from our Download Center here: http://www.synology.com/support/download.
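For anyone looking after more than one DiskStation, the version thresholds and symptoms in Synology's statement can be turned into a quick triage check. This is an added example, not code from Synology or from the original article; the inventory field names (`ransom_screen`, `processes`, `reports_latest`), the host names, the sample build numbers and the "manual review" outcome are assumptions made for illustration.

```python
import re

# Minimum fixed build per DSM branch, from the Synology statement above.
# DSM 4.1 has no entry: the statement moves it to 4.2-3243 or later.
FIXED_BUILD = {(4, 0): 2259, (4, 2): 3243, (4, 3): 3827}

def parse_dsm(version):
    """Parse 'DSM 4.3-3810' or '4.3-3810' into (major, minor, build)."""
    m = re.fullmatch(r"\s*(?:DSM\s+)?(\d+)\.(\d+)-(\d+)\s*", version)
    if not m:
        raise ValueError(f"unrecognised DSM version: {version!r}")
    return tuple(int(g) for g in m.groups())

def needs_update(version):
    """True if the build is below what the statement recommends for its branch."""
    major, minor, build = parse_dsm(version)
    if major >= 5:
        return False  # statement: vulnerability not observed in DSM 5.0
    fixed = FIXED_BUILD.get((major, minor))
    return fixed is None or build < fixed  # no in-branch fix for 4.1 or pre-4.0

def triage(host):
    """Classify one inventory record (hypothetical field names)."""
    unpatched = needs_update(host["version"])
    visible = host.get("ransom_screen", False) or "synosync" in host.get("processes", [])
    # Third symptom: an old build while DSM Update claims it is the latest.
    if unpatched and (visible or host.get("reports_latest", False)):
        return "shut down and contact support"
    if visible:
        return "manual review"  # symptom outside the statement's version scope
    return "update" if unpatched else "ok"

# Constructed sample inventory, not real hosts.
INVENTORY = [
    {"name": "nas-a", "version": "DSM 4.3-3810", "processes": ["synosync"]},
    {"name": "nas-b", "version": "DSM 4.2-3211", "reports_latest": True},
    {"name": "nas-c", "version": "DSM 4.1-2668", "processes": []},
    {"name": "nas-d", "version": "DSM 4.3-3827", "processes": []},
]

if __name__ == "__main__":
    for host in INVENTORY:
        print(host["name"], host["version"], "->", triage(host))
```

The check treats "DSM 4.3-3810 or earlier" as "below the fixed build for its branch", so a unit already on 4.2-3243 or 4.0-2259 is not flagged.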
