Cybersecurity Breach: Synology Inc. Experiences Ransomware Attack by Underground Team
Synology Hit by Underground Team Ransomware Attack
Overview of the Incident
Synology Inc., a renowned provider of network-attached storage solutions, has fallen victim to a ransomware attack orchestrated by a group known as the Underground Team. The cybercriminals managed to exfiltrate 51 GB of data from Synology's systems, which was subsequently published online, indicating a significant data breach.
Company Profile
Established in January 2000, Synology Inc., headquartered in Taiwan, is a prominent figure in the network-attached storage (NAS) sector. Renowned for its dependable, intuitive, and top-notch storage solutions such as DiskStation, FlashStation, and RackStation, Synology has cemented its position as a frontrunner in the industry. With a global footprint spanning the United States, China, France, and Germany, Synology operates with a workforce of approximately 650 employees worldwide under the leadership of CEO Philip Wong.
Details of the Ransomware Attack
The Underground Team ransomware is known for its 64-bit GUI-based application that employs various commands to disrupt systems, including deleting backups, modifying registry settings, and halting critical services like MSSQLSERVER. This particular attack on Synology involved the exfiltration of a substantial amount of data, which was fully published online, exposing sensitive information.
Potential Vulnerabilities and Attack Vectors
The Underground Team likely utilized sophisticated social engineering tactics to infiltrate Synology's systems. Common methods include phishing emails with malicious attachments or links to compromised websites, designed to appear legitimate to deceive employees into initiating the malware. Additionally, the ransomware could have been disguised as a legitimate software update or application, further tricking users into downloading and executing the malicious payload.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!