Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Synology NAS users hit with Cryptolocker variant

Synology NAS users hit with Cryptolocker variant


Help Net Security - (International) Users of Synology's network-attached storage (NAS) devices reported having devices infected with a variant of the Cryptolocker ransomware beginning over the weekend of August 2 that encrypts files and demands a ransom to decrypt them. The method by which the malware is infecting NAS devices is currently unknown and users were advised to backup their files and unplug the devices until the infection vector is identified.


Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at:

Last Updated: 27 May 2016 10:21:13