SynAck ransomware group releases decryption keys, but new strain in the works

The SynAck ransomware group, which recently changed its name to El_Cometa, has released the master decryption keys for its ransomware, which was used to infect victims from 2017 to early 2021.

In a new exclusive report, The Record says the keys have now been verified as genuine by Michael Gillespie, creator of the ID Ransomware service and malware analyst at Emsisoft. Gillespie confirmed the authenticity of the master decryption keys by using them to decrypt files from earlier SynAck attacks.

Unfortunately for SynAck victims, decrypting files locked by the cybercriminals' ransomware is quite difficult for non-technical users. Fortunately, though, Emsisoft plans to release its own decryption utility within the next few days, which will not only be easier to use but also safer.

The SynAck ransomware group was first identified back in July 2017, though the group quickly rose to prominence because of its encryption routines and the way in which it used Process Doppelgänging to evade detection by antivirus software.

Although the group continued to operate during the following years, it was soon overshadowed by larger ransomware groups, including REvil, Ryuk and BitPaymer.

The group decided to release the master decryption keys for its old victims because it is winding down its SynAck operation as it ramps up work on its new ransomware strain, El_Cometa.

While the group has worked with outside partners in the past to distribute its ransomware, it now plans to expand its operational model by launching a new Ransomware-as-a-Service (RaaS) platform and recruiting new partners or affiliates to carry out its attacks.

Expect the El_Cometa ransomware strain to infect additional victims as the cybercriminals behind it expand their operations.

Via The Record