Synology, a well-known network storage device manufacturer, suffered a hacker attack. Hackers successfully penetrated its servers and stole approximately 51GB of sensitive data. The sensitive information involved includes customer orders, employee information, various internal company documents and a large number of product information. Recently, customers who believe their data has been stolen have been receiving emails that appear to be sent by hackers, pretending to be Synology officials, deceiving the other party’s trust and opening attachments or clicking on phishing links, thereby further invading the victim’s computer or system. , to steal more information for blackmail or attack.
According to online news, the current Synology hacking incident actually occurred as early as April 2023 (after checking, it was found that some of the stolen data were dated as May 2023). The hackers used a vulnerability to enter the branch believed to be located in Germany. internal system. The hackers then deeply penetrated the server and extracted a large amount of data. The stolen data included customer personal information, corporate confidential documents and some product information. However, the official has not announced the scope of the stolen data and warned affected customers that they may face various potential risks.
Until recently, many people reported to the authorities that they had received emails from suspected Synology officials. The content of the emails would induce victims to open attachments or click on links to phishing websites. When the victim clicks or opens the relevant file, the hacker will take the opportunity to attack the victim’s computer or system, steal the files and conduct blackmail. After a victim inquired about Synology, the government admitted on its official website and online social platforms that in April 2023, some computers at one of its branches were hacked and 51GB of data was stolen.
Synology said in its official statement:
“It was discovered that criminals were sending phishing emails impersonating the name of Synology, trying to use the subject and content of the email to trick recipients into downloading attachments or clicking on phishing links for further extortion or launching attacks. Synology has obtained the information and reported it as soon as possible Relevant police units, and solemnly remind users to be vigilant. “In response to this incident, Synology reminds users to identify emails sent from official domain names to contact users, and when faced with emails from suspicious sources, do not click on links, download files, Or reply with personal information. If you encounter any unclear situation, please confirm with official channels first.
The Synology hacking incident this time was carried out by an organization called Underground Team. This organization is believed to be related to another hacker organization Storm-0978. It also uses a ransomware called InduscialSpy and has been ransomware. Records clearly identify themselves as Underground Team. So far, Underground Team has published the information of 13 victims on its website, including Synology.