My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Back to the news list

Trojan.Encoder.737 targets Synology NAS servers

August 6, 2014

Several users whose systems were compromised by the new encryption malware known as Trojan.Encoder.737 have contacted Doctor Web's technical support service. This malicious program has been designed to encrypt files stored on Synology NAS servers.

Presumably this malware exploits a number of vulnerabilities in Synology’s NAS (Network Attached Storage) software. The Trojan encrypts data found in the storage and demands that the user pay a ransom of USD 350. To date, it is impossible to recover data encrypted by Trojan.Encoder.737.

Trojan.Encoder.737's signature has been added to the Dr.Web virus databases. However, Doctor Web strongly advises users to back up their data regularly in order to keep their information safe from encryption Trojans. We also recommend that you keep your network storage software up to date by downloading updates from the official Synology site. To learn more from Synology about this incident, visit: (English).

August 7, 2014

According to Synology, only older DSM versions (DSM 4.3-3810 and earlier) can be compromised by the malware. The Trojan poses no threat to the current DSM versions.

Use Data Loss Prevention to protect your files from  encryption ransomware

Only available in Dr.Web Security Space 9 and 10
More about encryption ransomware What should
I do if…
Configuration presentations tutorial Free decryption

Tell us what you think

To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.

Other comments