SYNOLOGY HAS RESPONDED to reports that its NAS drives have been hit by a version of the Cryptolocker ransomware called "Synolocker."
Reports of Synolocker first emerged on Monday, and Synology has finally bucked up its ideas and released a statement about it.
A spokesperson for the company said on Wednesday, "We are fully dedicated to investigating this issue and possible solutions.
"Based on our current observations, this issue only affects Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier), by exploiting a security vulnerability that was fixed and patched in December, 2013. At present, we have not observed this vulnerability in DSM 5.0."
Synology added that should users encounter any odd behaviour from their NAS drive - such as a notification that says a fee is required to unlock data - they should shut down their system and contact technical support. The firm also advises that users update to DSM 5.0.
Unlike most versions, Synolocker doesn't outright extort money, but rather masquerades as a courtesy to improve the security of the drive and goes on to brag about how strong its encryption is.
It cites the multilayer lockdown that has been carried out on the drive's files, including RSA 2048-bit keys and 256-bit keys on a per-file basis, all carried out on the remote server before being securely overwritten.
Alarm bells should start to ring when the decryption process requires the installation of the Tor web browser, the anonymisation service that allows users to enter websites that are located on the so-called "dark web".
At this point, the victim is asked to pay 0.6 bitcoins to retrieve their files, equivalent to around £209 at time of writing.
It is not clear at the moment what has caused the vulnerability and there has been no comment from Synology on the matter, but reports continue to come in from all over the world to the Synology user forums. Some users have speculated that the vulnerabilities exploited are in the Diskstation user interface itself.
Earlier this year, Synology launched two new rack-based Rackstation NAS units running Diskstation 4.3. It is believed that these are among the affected models.
Cryptolocker continues to evolve. In recent months, versions have started to appear on Android devices as well as Windows. In all cases payment is required, and paying does not always guarantee the safe release of files.