Get local IT Support Now

Gooroo News

Our news and blog posts. Anything that interests us or needs to be told is here!

Category: Business

Virus infection, Malware
Business

What Anti Virus is best for you? in 2023

This page highlights the benefits of using Avast Anti-Virus for home use and Trend Micro for commercial or business use, particularly for networks with Windows servers. The author emphasises Avast’s exceptional performance, ability to detect and eliminate malware, and the numerous features it offers, such as anti-phishing and automatic detection of removable media.

Continue Reading »
Synology NAS network storage solutions
Business

SynoLocker ransomware attack – Synology DiskStations

Synology NAS targeted by SynoLocker ransomware
Synology users told to update DiskStation NAS drives after SynoLocker, a ‘cryptolocker’ style ransom attack. Synolocker is not a variant of the infamous Cryptolocker virus we reported on earlier, but is of the same type – a ransomware style virus which hold its victim’s files to ransom. Their methods involve encrypting the victim’s files and then demanding money to obtain the decryption key, usually the payment is in the form of BitCoin, and anonymous digital currency.

Users on the weekend reported finding a message from the crypto-ransomware operators demanding 0.6 Bitcoin (or around $350 US), for the decryption key. Victims would need to install a Tor browser to access the hidden website where they could make the payment and receive the key and to allow decryption. At this time their is no other method to recover files, short of recovering from backup.

According to Synology, users have been reporting that the attacks are only affecting Synology NAS devices running version 4.3 of its DiskStation Manager (DSM) and not DSM 5.0, which included fixes released last December for two critical flaws that give unauthorised access via the Windows File Service and File Station.

The malware starts encrypting files, telling users that this process is under way. This implies that unencrypted files can still be copied at that point but how many will depend on the number of files on the affected drive and how long the encyption process has been running. The best course of action remains to turn off the drive immediately and take advice.

Detection and prevention rates will be very low as SynoLocker is completely new and attacks the NAS directly, thus it is unlikely that any workstation antivirus products will detect it.

Synology users will also need to think about how the malware reached their NAS in the first place and check their modem security, especially opened ports to the NAS and their computer(s).

An official Synology statement said that the issue seemed to be affecting DiskStations running Disk Station Manager 4.3-3810 or earlier.

Update the DSM
Users should update to the latest version by going to Control Panel > DSM Update or manually via the Synology support site.

Updated Information
For more updated information see the Bleeping Computer article and discussion at Bleeping Computer’s article & posts on Synlocker.

Continue Reading »