Jarkod
Aug 04, 2014 (Guide)
Is ransomware attack on ReadyNAS possible?
Synology NAS servers are under attack by SynoLocker ransomware http://www.cso.com.au/article/551527/synolocker_demands_0_6_bitcoin_decrypt_synology_nas_devices/. Devices are encrypted and the owners a...
StephenB
Aug 07, 2014 (Guru - Experienced User)
Another change in attacks I should have mentioned above is the intent. 15 years ago it was mostly done by people who wanted to wreak havoc for its own sake. Now it's about money (and in some cases agendas to target specific sites).
mdgm wrote: For the hack to raise money for the hacker there needs to be a fairly automated way to decrypt the files which means there likely is a way it can be reverse engineered.
Reverse engineering the malware doesn't necessarily mean the decryption keys can be recovered. I think in this case the white hats were able to locate and hack into the servers that held the decryption keys. Even if that is not the case in this instance - if I were a hacker, my malware wouldn't know the decryption key. It is certainly possible to structure it that way.
Also, the hacker can make some money even if they don't decrypt the files after receiving the ransom. Just not as much.
But ransoming does require a way to receive the payment, and in principle you can trace the payment trail to the hacker. In the Synology case, they are counting on TOR to conceal their location. That might not be enough - governments have been able to locate TOR sites and shut them down, and perhaps others with fewer resources could locate them as well.
mdgm wrote: Still even if files could be decrypted I'd have concerns.
Me too. I'd want to do a factory reset here, just to make sure there was nothing left behind in the OS (a root kit perhaps).