SynAck ransomware variant bypasses security solutions

SynAck ransomware variant

Security researchers from Kaspersky Lab have discovered a new variant of SynAck ransomware.

Although SynAck is not new, the most recent variant spotted in April this year uses a “Process Doppelgänging” that employs a technique to bypass modern security solutions. 

“The main purpose of the technique is to use NTFS transactions to launch a malicious process from the transacted file so that the malicious process looks like a legitimate one,” Kaspersky said in a blog post on Monday.