The SynAck group, now known as El_Cometa, has recently released decryption keys for the targets who were affected between July 2017 and early 2021. SynAck has also released manuals that explain how to use the master keys.
Incident Report
The group has released the master decryption keys, which were uploaded to the group's data leak site. They also published a piece of cybersecurity news.
After the keys were released, The Record shared them with cybersecurity professionals, who confirmed that the keys were legitimate. These keys can be used to build a SynAck decryptor for recovering the encrypted files.
The keys will not be available to the general public, said the news site. This is because the decryption procedure might be too complicated for the general public, who might damage their files while recovering them.
Emsisoft said that it will create decryption software that is easy and safe to use. This tool will be available to the public within a few days.
What Is SynAck?
SynAck is a ransomware group that started operating in August/September 2017 but was mostly inactive. Its activity started in 2018 and slowly grew more frequent in late 2019.
In July, the group rebranded as El_Cometa and restarted operations as RaaS (Ransomware-as-a-Service). It recruited affiliates to target and breach networks.
About Other Groups Like SynAck
Several other groups like SynAck have released decryption keys, shut down operations, or rebranded themselves. The REvil group disappeared completely after the attack on Kaseya. The decryption keys were received within three weeks. Groups like Avaddon, AES-NI, TeslaCrypt, Crysis, Shade, FilesLocker, and FonixLocker have released their master decryption keys.
Final Words
In the last months, ransomware groups have begun rebranding themselves, mostly due to increased pressure from the authorities. As more and more ransomware groups rebrand, the need to stay protected has also increased. Security professionals, researchers, and organizations therefore need to be on high alert to stay safe.