What is Syncro?
Syncro is a highly integrated and easy-to-use remote access platform that allows Remote monitoring and management (RMM) and automation of tasks, streamlining users’ operations to get established, run, and grow their managed service provider (MSP) operations.
Syncro’s unified and customizable solutions allow users to conduct business operations, that could be streamlined with its integrated invoicing, billing, contract management, automated remediation, and much more so that one can focus on generating revenue. Additionally, their tool offers users a 21-day trial.
Prior to its most recent campaign, which researchers from Deep Instinct estimate started sometime in September, MuddyWater had employed a separate legitimate remote administration tool, named RemoteUtilities.
According to the latest report by Deep Instinct, which mentions details of the MuddyWater attacks that recently took place on an Egyptian data hosting company, as well as the Israeli insurance and hospitality industries.
"MuddyWater is not the only actor abusing Syncro […] It has also been observed recently in BatLoader and Luna Moth campaigns," the Deep Instinct team stated in the report.
Moreover, MuddyWater has now joined BatLoader and Luna Moth threat groups, which have also been using Syncro in order to take control of devices.
Security teams are cautioned by Deep Instinct which provided MuddyWater's indicators of compromise, to keep an eye out for unusual remote desktop apps inside their organisations.