Thanos Ransomware : Another Popular Ransomware family

Thanos Ransomware is a new Ransomware-as-a-Service(RaaS) tool, which has immense popularity in underground forums.

Thanos was discovered to be the sole ransomware family which was used by the researcher as a RIPlace tactic. If you know about the place that was a windows file system technology that can be used to maliciously alter files and allow the cyber attacker to bypass the anti-ransomware methods.

History

1. The first story of the thanos started at the end of October 2019 and that is Quimera ransomware.
2. By early 2020, It has started being identified as Hakbit which is based on core functionality using the string and code are similar.
3. According to a report, the ransomware was finally identified as Thanos which is being promoted as a RaaS on a Russian hacker’s forums in February.
4. It was also said that ransomware attacks have been discovered with Thanos 25% surge in any attack of the first three months of 2020 as compared to the final three months of 2019.

About Thanos Ransomware

1. The client code of Thanos is written in C#
2. The client end uses the encryption mode of AES-256 which is in CBC mode.
3. The Thanos client has also been offered by lateral-movement function with SharpExe.

Final

It was believed that the ransomware will continue to be used as a weapon by the operator in different ways. Carbon Back and Kaspersky updated the software post-disclosure of the latest technique used by Thanos.

Found this article informative? Follow Vednam on Facebook, Twitter, Mix, Tumbler and Linkedin to know more exclusive content we post.