News broke yesterday that researchers have identified a new ransomware, Thanatos. When it infects a victim, it uses a new key for each encrypted file. The problem is that these keys are never saved anywhere, so even if a user pays the ransom, the ransomware developer has no way to decrypt the files. The good news is that it may be possible to brute force the encryption key for each file. It’s also worth noting that this is the first ransomware to accept Bitcoin Cash as a ransom payment.
Andy Norton, Director of Threat Intelligence at Lastline, commented below.
Andy Norton, Director of Threat Intelligence at Lastline:
“It’s not the first time a piece of malware has been named Thanatos. However, its previous namesake posed a serious threat as a fully functional trojan.
This ransomware named Thanatos follows a recent pattern of poorly thought-out amateur ransomware releases that have had zero success.”