[German]Synology has issued a security warning for its DiskStation Manager (version <6.2.4-25556-2 ; 7.0). There are several security vulnerabilities in the firmware of the devices. UC SkyNAS units are also at risk. Synology has already issued the first firmware updates. There is a new variant of the ransomware eCh0raix that can exploit a new bug in QNAP and Synology NAS devices.
Synology security warning
The manufacturer Synology has issued the security alert Synology-SA-21:22 DSM with the status "important" as of August 17, warning about vulnerabilities in DiskStation Manager (DSM). Multiple vulnerabilities allow remote authenticated users to execute arbitrary commands or remote attackers to write arbitrary files via a vulnerable version of DiskStation Manager (DSM). The following products are affected:
|Product||Severity||Fixed Release Availability|
|DSM 6.2||Important||Upgrade to 6.2.4-25556-2 or above|
eCh0raix Ransomware Targets QNAP/ Synology NAS
Palo Alto Networks Unit 42 security researchers have encountered a variant of the eCh0raix ransomware that targets QNAP and Synology NAS units. The attackers also use the CVE-2021-28799 vulnerability to install the new eCh0raix ransomware variant on QNAP devices.
eCh0raix is a well-known ransomware is that has targeted QNAP and Synology NAS devices in separate campaigns in the past. The new variant shows the ability to attack both QNAP and Synology NAS devices for the first time. This shows that some ransomware developers continue to invest in optimizing tools that target devices common to small offices and home offices (SOHO).