They are offering to sell the encryption keys that have not yet been claimed for 200 Bitcoin (around $103,000). It seems that they might be thinking about ending this particular campaign.
It's still unclear how SynoLocker specifically infects Synology NAS devices, but the company has noted that only Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier) have been affected, and it's all because they sported a specific vulnerability that has been patched in later versions.
According to F-Secure's Artturi Lehtio, the malware does not come in the form of a single malicious binary, but is actually a collection of files that get uploaded to the target device via this infection vector.
"On the surface, SynoLocker and CryptoLocker share many similarities, not the least of which are a similar name, similar choice of encryption algorithms and the idea of extorting money from victims. Under the surface however, the similarities quickly end," noted Lehtio.
Despite initial claims, it seems that the two ransomware families are not connected.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.