The U.S. Department of Justice has charged cardiologist Luis Zagala Gonzalez, 55, with creating and renting Jigsaw and Thanos ransomware to cybercriminals.
Zagala holds both French and Venezuelan citizenship and lives in Ciudad Bolivar. He was accused of running an affiliate program in which cybercriminals would share their own ransomware with a builder offered by the developer.
“As alleged, the multi-tasking doctor treated patients, created and named his cyber tool after death, profited from a global ransomware ecosystem in which he sold the tools for conducting ransomware attacks, trained the attackers about how to extort victims, and then boasted about successful attacks, including by malicious actors associated with the government,” said U.S. Attorney Breon Peace.
If convicted, Zagala faces up to five years in prison for attempted computer intrusion and five years for conspiracy to commit computer intrusions.
Thanos ransomware is a Ransomware-as-a-Service (RaaS) operation, is advertised on Russian-speaking hacker forums. The malware allows affiliates to customize their ransomware using a builder offered by the developer.
The sources for this piece include an article in BleepingComputer
