August 6, 2014
Presumably this malware exploits a number of vulnerabilities in Synology’s NAS (Network Attached Storage) software. The Trojan encrypts data found in the storage and demands that the user pay a ransom of USD 350. To date, it is impossible to recover data encrypted by Trojan.Encoder.737.
Trojan.Encoder.737's signature has been added to the Dr.Web virus databases. However, Doctor Web strongly advises users to back up their data regularly in order to keep their information safe from encryption Trojans. We also recommend that you keep your network storage software up to date by downloading updates from the official Synology site. To learn more from Synology about this incident, visit: http://www.synology.com/en-us/company/news/article/470 (English).
August 7, 2014
According to Synology, only older DSM versions (DSM 4.3-3810 and earlier) can be compromised by the malware. The Trojan poses no threat to the current DSM versions.
Use Data Loss Prevention to protect your files from encryption ransomware
|Only available in Dr.Web Security Space 9 and 10|
|More about encryption ransomware||What should
I do if…
|Configuration presentations tutorial||Free decryption|
Tell us what you think
To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.