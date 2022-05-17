

US names and shames Venezuelan doctor as notorious ransomware maker

Carly Page

The U.S. has named a Venezuelan cardiologist as the alleged mastermind behind the notorious Thanos ransomware.

According to the U.S. Justice Department, Moises Luis Zagala Gonzalez, 55, created and distributed the Thanos software, a ransomware-as-a-service (RaaS) operation that allowed its users to create and deploy their own ransomware variants.

Zagala allegedly sold and rented out the ransomware tools to cybercriminals starting in 2019 and even taught cybercriminals how to use the tools, according to the indictment, coaching threat actors on how to design a ransom note, steal passwords from victim computers and set a bitcoin address for ransom payments. “Zagala provides extensive customer service along with his software, counseling his customers about how most effectively to use his software against their victims,” the indictment says. The FBI said that at least 38 copies of the Thanos tool were sold.

Zagala also publicly discussed how his customers used his tools in ransomware attacks, even posting links to news stories about the use of Thanos by an Iranian state-sponsored hacking group to attack Israeli companies. One of the linked reports detailed how the ransomware was used by the MuddyWater hacking group, which U.S. Cyber Command earlier this year linked to Iranian intelligence.

“As alleged, the multi-tasking doctor treated patients, created and named his cyber tool after death, profited from a global ransomware ecosystem in which he sold the tools for conducting ransomware attacks, trained the attackers about how to extort victims, and then boasted about successful attacks, including by malicious actors associated with the government of Iran,” said Breon Peace, the U.S. attorney for eastern New York, where the case was filed.

In addition to creating Thanos, Zagala is accused of creating “Jigsaw v. 2,” a ransomware tool that included a so-called “Doomsday counter” that kept track of how many times victims had tried to remove the malware. “If the user kills the ransomware too many times, then it’s clear he won’t pay so better erase the whole hard drive,” Zagala wrote, according to the DOJ, adding that 1,000 files would be deleted every time a victim reboots their system.

Zagala’s products were well-regarded among cybercriminals, from whom he would request reviews. The DOJ said it found several reviews for his products that touted their effectiveness. One reviewer said they used Zagala’s products to “infect a network of approximately 3,000 computers” and another user wrote in Russian that they had made “good profit” after a month of using the ransomware tools.

The FBI was able to identify Zagala after interviewing a relative whose PayPal account was used to receive illicit profits.

Zagala — who remains in Venezuela — faces up to 10 years in prison for attempted computer intrusions and conspiracy charges if brought to justice in the United States. The indictment is part of the Justice Department's efforts in recent years to “name and shame” cyberattackers who are outside of U.S. jurisdiction.
