We have been made aware of the latest form of ransomware to threaten organisations. SynAck ransomware adopts a new technique to infect computers – the ‘Doppelgänger’ approach. With the aim of infecting systems and encrypting victims’ files, SynAck uses this approach to transform files in order to bypass and avoid detection from anti-virus software. A demand is then made for a fee in order to release the files.
Name of Exploit
Syn/Ack Ransomware using the ‘Doppelgänging’ Technique
Type of Exploit
Ransomware, Trojan, Malware
How Exploit is Spread
This attack uses transactional NTFS to alter and create both files and directories in the infected computer.
Low – only observed attacks have been seen in the USA, Kuwait, Germany, and Iran. This leads invinsec to believe that this is targeted ransomware. invinsec Threat Intelligence Analysts have found that you are not impacted or compromised by the ransomware and it is not present on any system monitored by the invinsec SOC.