Threat Intelligence Report: Syn/Ack

We have been made aware of the latest form of ransomware to threaten organisations. SynAck ransomware adopts a new technique to infect computers – the ‘Doppelgänger’ approach. With the aim of infecting systems and encrypting victims’ files, SynAck uses this approach to transform files in order to bypass and avoid detection from anti-virus software. A demand is then made for a fee in order to release the files.

Name of Exploit
Syn/Ack Ransomware using the ‘Doppelgänging’ Technique

Type of Exploit
Ransomware, Trojan, Malware

How Exploit is Spread
This attack uses transactional NTFS to alter and create both files and directories in the infected computer.

Global Risk
Low – only observed attacks have been seen in the USA, Kuwait, Germany, and Iran. This leads invinsec to believe that this is targeted ransomware. invinsec Threat Intelligence Analysts have found that you are not impacted or compromised by the ransomware and it is not present on any system monitored by the invinsec SOC.

Download the full report

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s