Security researchers from Kaspersky Lab have discovered a new variant of SynAck ransomware.
Although SynAck is not new, the most recent variant spotted in April this year uses a “Process Doppelgänging” that employs a technique to bypass modern security solutions.
“The main purpose of the technique is to use NTFS transactions to launch a malicious process from the transacted file so that the malicious process looks like a legitimate one,” Kaspersky said in a blog post on Monday.