Il software
Forum Synology Inglese
Mobile01
Questo il testo di quanto appare nell'inquietante messaggio
SynoLocker™
Automated Decryption Service
All important files on this NAS have been encrypted using strong cryptography
List of encrypted files available here.
Follow these simple steps if files recovery is needed:
1. Download and install Tor Browser.
2. Open Tor Browser and visit http://cypherxffttr7hho.onion. This link works only with the Tor Browser.
3. Login with your identification code to get further instructions on how to get a decryption key.
4. Your identification code is - (also visible here).
5. Follow the instructions on the decryption page once a valid decryption key has been acquired.
Technical details about the encryption process:
• A unique RSA-2048 keypair is generated on a remote server and linked to this system.
• The RSA-2048 public key is sent to this system while the private key stays in the remote server database.
• A random 256-bit key is generated on this system when a new file needs to be encrypted.
• This 256-bit key is then used to encrypt the file with AES-256 CBC symmetric cipher.
• The 256-bit key is then encrypted with the RSA-2048 public key.
• The resulting encrypted 256-bit key is then stored in the encrypted file and purged from system memory.
• The original unencrypted file is then overwrited with random bits before being deleted from the hard drive.
• The encrypted file is renamed to the original filename.
• To decrypt the file, the software needs the RSA-2048 private key attributed to this system from the remote server.
• Once a valid decryption key is provided, the software search each files for a specific string stored in all encrypted files.
• When the string is found, the software extracts and decrypts the unique 256-bit AES key needed to restore that file.
• Note: Without the decryption key, all encrypted files will be lost forever.
Copyright © 2014 SynoLocker™ All Rights Reserved.
Automated Decryption Service
All important files on this NAS have been encrypted using strong cryptography
List of encrypted files available here.
Follow these simple steps if files recovery is needed:
1. Download and install Tor Browser.
2. Open Tor Browser and visit http://cypherxffttr7hho.onion. This link works only with the Tor Browser.
3. Login with your identification code to get further instructions on how to get a decryption key.
4. Your identification code is - (also visible here).
5. Follow the instructions on the decryption page once a valid decryption key has been acquired.
Technical details about the encryption process:
• A unique RSA-2048 keypair is generated on a remote server and linked to this system.
• The RSA-2048 public key is sent to this system while the private key stays in the remote server database.
• A random 256-bit key is generated on this system when a new file needs to be encrypted.
• This 256-bit key is then used to encrypt the file with AES-256 CBC symmetric cipher.
• The 256-bit key is then encrypted with the RSA-2048 public key.
• The resulting encrypted 256-bit key is then stored in the encrypted file and purged from system memory.
• The original unencrypted file is then overwrited with random bits before being deleted from the hard drive.
• The encrypted file is renamed to the original filename.
• To decrypt the file, the software needs the RSA-2048 private key attributed to this system from the remote server.
• Once a valid decryption key is provided, the software search each files for a specific string stored in all encrypted files.
• When the string is found, the software extracts and decrypts the unique 256-bit AES key needed to restore that file.
• Note: Without the decryption key, all encrypted files will be lost forever.
Copyright © 2014 SynoLocker™ All Rights Reserved.
Personalmente per non rischiare ho disabilitato TUTTI gli accessi da remoto.
CSO Australia riceve questa mail da Synology
Synology also responded to CSO Australia:
"When trying to access DSM, it displays the following message 'All important files on this NAS have been encrypted using strong cryptography', in addition to instructions for paying a fee to unlock your data.
"What should you do? If you are seeing this message when trying to login to DSM:
"1) Power off the DiskStation immediately to avoid more files being encrypted
"2) Contact our Support team so we can investigate further. If you are in doubt as to whether your DiskStation may be affected, please don't hesitate to contact us at security@synology.com
"We apologise for any issue this has created, we will keep you updated with latest information as we address this issue. Our support team can be reached here."
"When trying to access DSM, it displays the following message 'All important files on this NAS have been encrypted using strong cryptography', in addition to instructions for paying a fee to unlock your data.
"What should you do? If you are seeing this message when trying to login to DSM:
"1) Power off the DiskStation immediately to avoid more files being encrypted
"2) Contact our Support team so we can investigate further. If you are in doubt as to whether your DiskStation may be affected, please don't hesitate to contact us at security@synology.com
"We apologise for any issue this has created, we will keep you updated with latest information as we address this issue. Our support team can be reached here."
Fonte
Seguiremo gli sviluppi
Nel frattempo un utente del forum inglese (Mike) ha suggerito questo per poter tornare ad accedere al NAS, anche se i file ovviamente sono ancora criptati.
1. Shut down the NAS
2. Remove all the hard drives from the NAS
3. Find a spare hard drive that you will not mind wiping and insert it into the NAS
4. Use Synology Assistant to find the NAS and install the latest DSM onto this spare hard drive (use the latest DSM_file.pat from Synology)
5. When the DSM is fully running on this spare hard drive, shut down the NAS from the web management console.
6. Remove the spare drive and insert ALL your original drives.
7. Power up the NAS and wait patiently. If all goes well after about a minute you will hear a long beep and the NAS will come online.
8. Use Synology Assistant to find the NAS. It should now be visible with the status "migratable".
9. From Synology Assistant choose to install DSM to the NAS, use the same file you used in step 4 and specify the same name and IP address as it was before the crash.
10. Because the NAS is recognized as "migratable", the DSM installation will NOT wipe out the data on either the system partition nor the data partition.
11. After a few minutes, the installation will finish and you will be able to log in to your NAS with your original credentials.
2. Remove all the hard drives from the NAS
3. Find a spare hard drive that you will not mind wiping and insert it into the NAS
4. Use Synology Assistant to find the NAS and install the latest DSM onto this spare hard drive (use the latest DSM_file.pat from Synology)
5. When the DSM is fully running on this spare hard drive, shut down the NAS from the web management console.
6. Remove the spare drive and insert ALL your original drives.
7. Power up the NAS and wait patiently. If all goes well after about a minute you will hear a long beep and the NAS will come online.
8. Use Synology Assistant to find the NAS. It should now be visible with the status "migratable".
9. From Synology Assistant choose to install DSM to the NAS, use the same file you used in step 4 and specify the same name and IP address as it was before the crash.
10. Because the NAS is recognized as "migratable", the DSM installation will NOT wipe out the data on either the system partition nor the data partition.
11. After a few minutes, the installation will finish and you will be able to log in to your NAS with your original credentials.