SynoLocker – Le cheval de Troie qui rackette les possesseurs de Synology

F5PBG 4/8/2014, 21:22

Information sur http://korben.info/synolocker.html

Ce n'est pas un hoax, un de mes collègues vient d'en être victime...

La solution se trouve notamment sur
http://forum.synology.com/enu/viewtopic.php?f=3&t=88716
http://www.nas-forum.com/forum/topic/42481-solution-synolocker-le-cheval-de-troie-qui-rackette-les-possesseurs-de-synology/

Il est donc très important de limiter l'accès à votre NAS en filtrant les IP entrantes dès le départ.

Depuis la version DSM 5.0-4482 (04/14), les NAS intègrent le filtrage d'adresses IP Nationales (https://www.maxmind.com).

F5PBG 6/8/2014, 12:07

https://myds.synology.com/support/support_form.php?lang=us

Info :

Sur la base de nos observations actuelles, ce problème affecterait uniquement les serveurs NAS Synology exécutant certaines anciennes versions du DSM (DSM 4.3-3810 ou versions antérieures), en exploitant une vulnérabilité de sécurité qui a été fixée et corrigée en Décembre 2013. A l'heure actuelle, nous n'avons pas observé cette vulnérabilité dans la version DSM 5.0

http://www.synology.com/en-us/company/news/article/470

F5PBG 7/8/2014, 23:28

Utiliser Google translate pour traduire si nécessaire :

Dear Synology users,

We would like to inform you that a ransomware called "SynoLocker" is currently affecting some Synology NAS users. This ransomware locks down affected servers, encrypts users’ files, and demands a fee to regain access to the encrypted files.
We have confirmed that the ransomware only affects Synology NAS servers running older versions of DiskStation Manager by exploiting a security vulnerability that was fixed and patched in December, 2013.

Affected users may encounter the following symptoms:

When attempting to log in to DSM, a screen appears informing users that data has been encrypted and a fee is required to unlock data.
Abnormally high CPU usage or a running process called “synosync” (which can be checked at Main Menu > Resource Monitor).
DSM 4.3-3810 or earlier; DSM 4.2-3236 or earlier; DSM 4.1-2851 or earlier; DSM 4.0-2257 or earlier is installed, but the system says no updates are available at Control Panel > DSM Update.
If you have encountered the above symptoms, please shutdown the system immediately and contact our technical support here: https://myds.synology.com/support/support_form.php

If you have not encountered the above symptoms, we strongly recommend downloading and installing DSM 5.0, or any version below:

DSM 4.3-3827 or later
DSM 4.2-3243 or later
DSM 4.0-2259 or later
DSM 3.x or earlier is not affected
You can manually download the latest version from our Download Center and install it at Control Panel > DSM Update > Manual DSM Update.
If you notice any strange behavior or suspect your Synology NAS server has been affected by the above issue, please contact us at security@synology.com.

We sincerely apologize for any problems or inconvenience this issue has caused our users. We’ll keep you updated with the latest information as we continue to address this issue.
Thank you for your continued patience and support.

Sincerely,
Synology Development Team

Contenu sponsorisé

SynoLocker – Le cheval de Troie qui rackette les possesseurs de Synology

SynoLocker – Le cheval de Troie qui rackette les possesseurs de Synology

Re: SynoLocker – Le cheval de Troie qui rackette les possesseurs de Synology

Re: SynoLocker – Le cheval de Troie qui rackette les possesseurs de Synology

Re: SynoLocker – Le cheval de Troie qui rackette les possesseurs de Synology