Security News > 2021 > August > SynAck ransomware releases decryption keys after El_Cometa rebrand
The SynAck ransomware gang released the master decryption keys for their operation after rebranding as the new El Cometa group.
When ransomware operations encrypt files, they usually generate encryption keys on a victim's device and encrypt those keys with a master encryption key.
The encrypted key is then embedded in the encrypted file or ransom note and can only be decrypted using the ransomware gang's master decryption keys.
Today, the SynAck ransomware operation released the master keys, the gang's decryptors, and a manual on using the master keys, and shared them on their data leak site and with the cybersecurity news site TheRecord.
After receiving the keys, TheRecord shared them with ransomware expert Michael Gillespie who verified that the keys are legitimate and will be creating a SynAck decryptor so victims can recover their files for free.
While it is not common for ransomware gangs to release master decryption keys, it has happened in the past when operations shut down or rebrand to a new name.