Cyber ransomware group SynAck publishes master key for longtime victims
The group has changed its name and intends to move to a new business model – ransomware as a service (RaaS).
The ransomware group El_Cometa, formerly known as SynAck, published a master key for users who became their victims between July 2017 and early 2021.
On Thursday, August 12, an unknown person who identified himself as a former member of SynAck handed over the leaked keys to The Record. Michael Gillespie, a specialist in the information security company Emsisoft, examined the received samples and confirmed their authenticity.
The Record specialists decided not to publish the leaked keys, since their use can be very difficult for inexperienced users and, as a result, lead to even greater file damage. Instead, Emsisoft will develop and soon release its own utility for recovering encrypted files, which is easier and more reliable to use.
First discovered in July 2017, SynAck is one of the oldest active cyber ransomware groups to date. Despite the powerful operations at the beginning of the “career”, over time, the activity of the group began to decline. Although SynAck continues to target its victims, it is significantly inferior to the likes of REvil, Netwalker, Ryuk, and BitPaymer.
As representatives of SynAck said, they decided to release a master key to recover files encrypted by the ransomware during old operations, as they intend to focus on new ones. So, at the end of last month, the group began new operations called El_Cometa.
In addition, the group said that if it previously worked with only two external partners, it will now rethink its business model and will operate on ransomware-as-a-Service (RaaS).
Catch up on more articles here
Follow us on Twitter here