Synapse Ransomware is a type of malware that encrypts data on infected computers, demanding payment for decryption. It was first discovered in February 2024 and operates as a Ransomware-as-a-Service (RaaS), indicating a structured distribution model where affiliates deploy the ransomware while the developers receive a share of the ransom payments. Once Synapse ransomware infects a computer, it encrypts files using robust cryptographic algorithms including RSA-4096, AES-256, and ChaCha20. This encryption is virtually unbreakable without the decryption key held by the attackers. The ransomware appends a .Synapse extension to the encrypted files, altering their original names to a random character string, which makes them easily recognizable. After encrypting the files, Synapse ransomware drops a ransom note named [ランダム文字列].README.txt on the victim's desktop. This note explains that the files have been encrypted and provides instructions for payment, typically demanding payment in cryptocurrencies like Bitcoin. The note may also offer to decrypt one file for free as proof that the attackers can restore the files.
