What is Synack Ransomware?
SynAck campaigns intensified with time, and gained momentum. Due to lack of information on this ransomware, it made victims on a daily basis in the month of August 2017. Nearly 100 odd victims got tricked with this infection. Bleeping Computer identified this infection with three distinguished SynAck versions, and it was based on the three different ransom notes they found on infected PCs.
Also read -How to remove Hp.myway.com
How Does Synack Ransomware Work?
This ransomware does not work on the traditional method of payment gateway but asks users to use the modern method of digital payment made to its creator, which is through direct email or a Bit Message-ID. Sharing below are samples of the email addresses and BitMessage IDs spotted in the three different ransom notes.
Unlike the earlier ransomware, which made their presence felt on the victim’s computer by capturing the desktop of this users, this ransomware drops a ransom note on the victim’s desktop which reads like RESTORE_INFO-[id].txt. This file contains an extensions file which has ten random alpha characters for each file. For example test.jpg.XbMiJQiuoh
How did it spread -Through RDP, targeting businesses
It is believed the cyber hackers behind SynAck implanted the RDP brute-force to get remote access to the victim’s computers and then these hackers manually download and install the ransomware. Victims who got infected with SynAck reported in the Bleeping Computer SynAck Help Topic that it majorly came from the Windows Server machines and enterprise networks. Below is a ransom note which was shared by one of the victims who got in touch with one of the SynAck author.
Download Free Removal Tool
Also read-How to unfix Beansplayer Adware
The Synack author confirm that post they receive the payment, they will send the victim a decoder, but first, the victim needs to send them a link to the transaction or the address of your wallet. The Bitcoin wallet listed in the email is worth 98 Bitcoin in funds, which is estimated to be $425,000 presently.There is a digital movement of funds from this account, which may be linked with a possible RaaS (Ransomware-as-a-Service) operation, where another partner takes its co-payment and then transfers the rest of the funds to people who rent and distribute the ransomware.
Tips to Prevent Synack Ransomware from Infecting Your System:
1. Enable your popup blocker: Pop-ups and ads in the websites are the most adoptable tactic used by cybercriminals or developers with the core intention to spread malicious programs. So, avoid clicking uncertain sites, software offers, pop-ups etc.
2. Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update. By doing this you can keep your device free from virus. According to the survey, outdated/older versions of Windows operating system are an easy target.
3. Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
4. Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection. Thus always backup important files regularly on a cloud drive or an external hard drive.
5. Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like McAfee or a good Malware Removal Tool like Free Malware RemovalTool
6. Install a powerful ad- blocker for Chrome, Mozilla,and IE.
