It all starts with a text message from my wife...
Of course, all of the DS iOS apps fail to connect to the device. This has happened before. I figured I'll just open up the browser when I get to my Mac and restart the services. Then I get this screen.
My first thought was WTF? Took a screencap and put it out on twitter thinking Synology installed some encryption service on my device through some automatic update. Then the swarms of "oh no..." tweets come replying back. Apparently, I must have been hiding under a rock. And I was. For the past two weeks I've been heads down doing some front-end web development training. I literally saw nothing over the prior week about SynoLocker.
Don't know what SynoLocker is? It's a form of malware/ransomware based on a different strain of the Cryptolocker ransomware. Once you are infected, all of your files are overwritten with an encryption algorithm that can only be decrypted with a key held by the person that created the strain. Essentially, your files are gone unless you pay the person a certain amount for the decryption key. SynoLocker ransomware scans the internet for port 5000 and 5001 and will return a Synology ACK. This means you have to have the management port of 5000 & 5001 exposed on the internet. Once discovered, the ransomware plants itself through an exploit and begins encrypting your files. The files targeted are <100mb because the larger the file, the longer the encryption process takes. Their target were smaller files such as documents and photos.
Add a comment