Merge pull request #88 from Delta-Sierra/master

add SynAck Ransomware
This commit is contained in:
Deborah Servili 2017-09-06 14:10:17 +02:00 committed by GitHub
commit 1b82d441b3

View file

@ -8534,6 +8534,21 @@
"https://twitter.com/struppigel/status/900238572409823232" "https://twitter.com/struppigel/status/900238572409823232"
] ]
} }
},
{
"value": "SynAck",
"description": "The ransomware does not use a customized desktop wallpaper to signal its presence, and the only way to discover that SynAck has infected your PC is by the ransom notes dropped on the user's desktop, named in the format: RESTORE_INFO-[id].txt. For example: RESTORE_INFO-4ABFA0EF.txt\n In addition, SynAck also appends its own extension at the end of all files it encrypted. This file extensions format is ten random alpha characters for each file. For example: test.jpg.XbMiJQiuoh. Experts believe the group behind SynAck uses RDP brute-force attacks to access remote computers and manually download and install the ransomware.",
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/synack-ransomware-sees-huge-spike-in-activity/"
],
"synonyms": [
"Syn Ack"
],
"ransomnotes": [
"RESTORE_INFO-[id].txt"
]
}
} }
], ],
"source": "Various", "source": "Various",