SynoLocker gang planning to move on?
Posted on 14.08.2014
The crooks behind SynoLocker have made some changes to the website sporting the payment instructions. They are trying to spur more victims to pay up by saying that the website will be take offline soon and, once that happens, they will not be able to get the private keys needed to decrypt their files:


They are offering to sell the encryption keys that have not yet been claimed for 200 Bitcoin (around $103,000). It seems that they might be thinking about ending this particular campaign.

It's still unclear how SynoLocker specifically infects Synology NAS devices, but the company has noted that only Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier) have been affected, and it's all because they sported a specific vulnerability that has been patched in later versions.

According to F-Secure's Artturi Lehtio, the malware does not come in the form of a single malicious binary, but is actually a collection of files that get uploaded to the target device via this infection vector.

"On the surface, SynoLocker and CryptoLocker share many similarities, not the least of which are a similar name, similar choice of encryption algorithms and the idea of extorting money from victims. Under the surface however, the similarities quickly end," noted Lehtio.

Despite initial claims, it seems that the two ransomware families are not connected.









Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //