US authorities accuse Venezuelan cardiologist Moises Luis Zagala Gonzalez, 55, also known by the pseudonyms Nosophoros, Aesculapius and Nebuchadnezzar, of being the mastermind of a series of devastating ransomware campaigns. According to US Department of Justice officials, the doctor set up a cybercriminal enterprise in which he had an economic interest in having his software used in successful cyberattacks.
“We allege that Luis Zagala not only created and sold ransomware products to hackers, but also trained them in their use. The actions we take today will prevent the latter from continuing to ransom users,” said Michael Driscoll, a senior US official.
“Many other cybercriminals are looking for companies and organizations that haven’t taken steps to protect their systems – which is an incredibly vital step in stopping the next ransomware attack. »
Devastating ransomware
Ransomware products associated with Luis Zagala include Jigsaw, and private ransomware builder Thanos.
Jigsaw has been around since 2016. It’s known for its dramatic ways of pressuring its victims to pay quickly, stealing the idea from the movie. Saw from 2004, where the characters must solve puzzles in a limited time or face fatal consequences.
Thanos – presumably named after Marvel’s super-villain – for his part first appeared in 2019. He offers his users to build their own ransomware. In 2020, while investigating security incidents at several prominent Israeli organizations, security researchers from companies ClearSky and Profero reported linking the use of Thanos ransomware to MuddyWater, a group of piracy known and supported by the Iranian state.
“Fighting ransomware is a top priority”
For US Attorney Breon Peace, “fighting ransomware is a top priority of the Justice Department and this office.”
“If you take advantage of ransomware, we will find you and disrupt your malicious operations,” he adds.
Still, if found guilty, Luis Zagala faces only five years in prison for attempted intrusion into a computer, and five years in prison for conspiracy to commit intrusions into a computer.
Source: ZDNet.com