DOJ Says Doctor is Malware Mastermind

On Monday, the U.S. Attorney’s Office for the Eastern District of New York revealed criminal charges against 55 year-old cardiologist Moises Luis Zagala Gonzalez of Cuidad Bolivar, Venezuela accusing him of being the mastermind behind the prolific Thanos malware. The inditement alleges he “designed multiple ransomware tools—malicious software that cybercriminals use to extort money from companies, nonprofits and other institutions, by encrypting those files and then demanding a ransom for the decryption keys. Zagala sold or rented out his software to hackers who used it to attack computer networks..” According to a DOJ press release, beginning in late 2019, Gonzalez took to online cybercrime forums to market a new product he’d built. It was a ransomware builder – software that helps other cybercriminals more easily design their own, custom ransomware programs. Gonzalez called it “Thanos.” Thanos came with a bevy of handy features: a data stealer, a self-delete function, a field for writing custom ransom messages, and an anti-virtual machine tool designed to outsmart the testing environments security researchers might use to analyze such malware. Cybercriminals could purchase a subscription to this malware or participate in an “affiliate program.” Under that model, customers would receive free access. In exchange, they’d share a portion of their earnings with Gonzalez. Gonzalez – who went by the handles “Nosophoros,” “Aesculapius” and “Nebuchadnezzar” – is part of a growing…