cyber Ransomware

Synology

May 11, 2023 1 min read
Synology

Synology warned users to strengthen the passwords to their network attached storage (NAS) after several devices capable of storing terabytes of data were encrypted by ransomware.

The attackers demanded 0.06 Bitcoin, then worth around $350, to regain access to files.

After an intensive investigation into this matter, the company found that the attacker used botnet addresses to hide the real source IP.

The firm recommended customers use Synology's network and account management settings to prevent the internet-based attacks.

Source: https://www.zdnet.com/article/ransomware-crooks-hit-synology-nas-devices-with-brute-force-password-attacks/

TPRM report: https://scoringcyber.rankiteo.com/company/synology

"id": "syn15271423",
"linkid": "synology",
"type": "Ransomware",
"date": "07/2019",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Synology',
                        'type': 'Company'}],
 'attack_vector': 'Internet-based attacks',
 'customer_advisories': "Use Synology's network and account management "
                        'settings',
 'data_breach': {'data_encryption': 'Ransomware encrypted data'},
 'description': 'Synology warned users to strengthen the passwords to their '
                'network attached storage (NAS) after several devices capable '
                'of storing terabytes of data were encrypted by ransomware. '
                'The attackers demanded 0.06 Bitcoin, then worth around $350, '
                'to regain access to files. After an intensive investigation '
                'into this matter, the company found that the attacker used '
                'botnet addresses to hide the real source IP. The firm '
                "recommended customers use Synology's network and account "
                'management settings to prevent the internet-based attacks.',
 'impact': {'systems_affected': 'Network attached storage (NAS) devices'},
 'initial_access_broker': {'entry_point': 'Botnet addresses'},
 'investigation_status': 'Completed',
 'motivation': 'Financial gain',
 'post_incident_analysis': {'corrective_actions': 'Strengthen passwords, use '
                                                  "Synology's network and "
                                                  'account management settings',
                            'root_causes': 'Weak passwords'},
 'ransomware': {'data_encryption': 'Yes', 'ransom_demanded': '0.06 Bitcoin'},
 'response': {'remediation_measures': "Strengthen passwords, use Synology's "
                                      'network and account management '
                                      'settings'},
 'title': 'Synology NAS Ransomware Attack',
 'type': 'Ransomware'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.