updated 01:40 pm EDT, Wed August 6, 2014
Malware strikes un-updated Synology NAS units
Synology product users affected by the SynoLocker attack may have lost their files to the cryptoware. Representatives from Synology have informed Electronista that at this time, they are unable to provide assistance recovering data that has been forcibly encrypted by the malware.
Synology devices with DSM 4.3-3810 and below are known to be vulnerable, with no evidence of DSM 5.0 being susceptible to the problem. It is not clear if Synology was aware of the flaw before devices became encrypted as a result of the attack, but if the update to the operating system removes the vulnerability, it seems likely that the company knew and took proper steps to implement a fix beforehand.
Users have been advised to disconnect afflicted and susceptible NAS hardware from the Internet, as well as upgrade the systems to the latest version. Additionally, users are being told to backup crucial data, in case the NAS is infected in the future or the vector of attack changes.
Unless the database held by the perpetrators of this attack is retrieved, recovery methods like that provided by FireEye and other companies are unusable for data retrieval.