It’s not clear yet how SynoLocker’s operators installed the malware, for example, if they had exploited a vulnerability in Synology devices. CSO Australia has asked Synology for comment and will update the story if it receives one.
According to the victim, Synology’s support team are interested in hearing from victims who have not reinstalled its Linux-based DiskStation Manager NAS operating system. Synology’s NAS devices were hit late last year by scammers looking to use their compute power to mine several cryptocurrencies, including Bitcoin.
Having proper backups would thwart this attack. Simply wipe the box and rebuild the NAS.