synack

1 incident | 0 countries | 0 sectors | ransomware | RU | Latest: 2026-06-25
Aliases: El_Cometa
SynAck emerged as a ransomware group in July 2017, initiating targeted attacks before notably evolving its operational model. The group distinguished itself early on by being the first ransomware to publicly leverage the Process Doppelgänging evasion technique. In late July 2021, SynAck announced its rebranding as El_Cometa and transitioned to a Ransomware-as-a-Service (RaaS) model, effectively concluding its direct operations under the SynAck name. Its primary motivation was financial gain through data encryption and subsequent ransom demands. Beyond its unique evasion tactics, SynAck also stood out by initially requiring victims to contact them directly via email or BitMessage ID for payment arrangements, rather than utilizing a dedicated payment portal.
MITRE techniques
T1049, T1055, T1095, T1566, T1078, T1059
Related CVEs
CVE-2023-41993, CVE-2023-41992, CVE-2023-41991

RansomLook pivots

Data, intelligence and external references for cross-checking the actor's ransomware activity.

Victims: 0
Unique TTPs: 0
Historical stolen data: N/A
Ransoms claimed: N/A
Payments detected: N/A

Target countries (SOCRadar)

Belgium; Germany; Egypt; France; Greece; Iran, Islamic Republic of; Kuwait; Madagascar; Netherlands; United States

Target sectors (SOCRadar)

Energy & Utilities; Manufacturing; Retail; Information Services; Finance; Professional & Technical Services; Enterprises & Holding; Educational Services; HealthCare & Social Assistance; Other

New URLs detected in IntelTracker

ransomware.anggipradana.com