The Department of Justice accuses a doctor of being behind a ransomware inspired by the film


Zagala’s Movie-Inspired Villainy

The most prominent piece of malicious code Zagala allegedly created and distributed was “Jigsaw v. 2”, a ransomware strain that had been circulating since 2016.

According to the DoJ, Jigsaw v. 2 included a counter that kept track of the number of attempts a user made to remove the ransomware. It was known for injecting a sense of urgency and distress into victims’ decision-making, reminiscent of the eponymous antagonist in the horror film franchise Saw.

While there are still plenty of questions to answer, one certainty is that Zagala is quite the cinephile – he’s also developed a private ransomware builder named after Marvel supervillain Thanos.

Thanos allows amateur ransomware writers to create their own ransomware from scratch and then deploy it or rent it to other people.

An Overview of Ransomware-as-a-Service

The Thanos ransomware generator included a location for “recovery information”, where a personalized ransom note could be prepared, and an area to specify the type of files you want to steal.

There was also an “anti-VM” option. VM stands for “virtual machine” – a computer system created using software capable of emulating most facets and functions of a physical computer made up of hardware.

Virtual machines are often used by security researchers as test environments for ransomware and other malware, so commercially available ransomware built to evade such environments is a concerning development.

Zagala’s “customers” were able to obtain the malware in two ways: either they could purchase a license for a period of time, or they could join an “affiliate” program in which Zagala would deliver the software but take a share of the proceeds from any ransomware attack orchestrated with it.

If the software was simply licensed, a link to a server in North Carolina would be maintained to confirm an active license.

Protect your business against ransomware

The threat of ransomware is frightening, present and growing at an alarming rate – and if your business is unprotected, then you are effectively a sitting duck. With the proliferation of ransomware as a service, the barrier to entry for threat actors has never been lower. Some programs can be purchased and require less technical knowledge than those covered in this article.

Luckily, there is good software in this world as well as bad, and there are plenty of ways to protect yourself against threats. We recommend that you start with anti-virus software, especially programs produced by vendors that offer protection against ransomware.

Couple that with a data security protocol and ransomware incident response that everyone in your business understands, and you’ll be in a much better position to protect your sensitive information from malicious actors.

