The Latest in IT Security

SynAck targeted ransomware uses the Doppelgänging technique

07
May
2018
SynAck targeted ransomware uses the Doppelgänging technique

synack-targeted-ransomware-uses-the-doppelganging-technique

The Process Doppelgänging technique was first presented in December 2017 at the BlackHat conference. Since the presentation several threat actors have started using this sophisticated technique in an attempt to bypass modern security solutions.

In April 2018, we spotted the first ransomware employing this bypass technique – SynAck ransomware. It should be noted that SynAck is not new – it has been known since at least September 2017 – but a recently discovered sample caught our attention after it was found to be using Process Doppelgänging. Here we present the results of our investigation of this new SynAck variant.

Read More

Leave a reply


Categories

THURSDAY, AUGUST 16, 2018

Featured

Archives

Latest Comments

Social Networks