Synology has been investigating and working with users affected by a recent ransomware called “SynoLocker.” Synology has confirmed the ransomware affects Synology NAS servers running older versions of DiskStation Manager, by exploiting a vulnerability that was fixed in December, 2013, at which time Synology released patched software and notified users to update via various channels.
Affected users may encounter the following symptoms:
For users who have encountered the above symptoms, please shutdown the system immediately to avoid more files from being encrypted and contact our technical support here: https://myds.synology.com/support/support_form.php. However, Synology is unable to decrypt files that have already been encrypted.
For other users who have not encountered the above symptoms, Synology strongly recommend downloading and installing DSM 5.0, or any version below:
Users can manually download the latest version from our Download Center and install it at Control Panel > DSM Update > Manual DSM Update.
Synology sincerely apologizes for any problems or inconvenience this issue has caused our users. As cybercrime proliferates and increasingly sophisticated malware evolves, Synology continues to devote resources to mitigate threats and is dedicated to providing users with reliable solutions. If users notice their DiskStation behaving suspiciously even after being upgraded to the latest DSM version, please contact firstname.lastname@example.org.