Another ransomware program is contaminating PCs, and it’s requesting Bitcoin cash to allow users to decrypt their files. The name of this new ransomware is Thanatos. It was uncovered by security specialists at MalwareHunter Team. What makes this specific attack significant is that it makes an encoded file, however the key isn’t saved anyplace. Regardless of whether unintentionally or plan, there’s no real way to effortlessly open a PC once it’s been compromised. Even if you do pay the ransom, it’s impossible the developers of the malware will ever have the capacity to unscramble your information. Let’s take a look in more detail.
It is a type of malicious program/code created by hackers to block access to a computer system until money is paid. In other words, it is similar to a person going into your apartment and locking everything you possess in a box. This box can’t be opened without the code. Then the person who locked your valuables in the box tells you they will give you the code if you give them money and if you don’t pay them then they will destroy everything in that box. You can’t crack the code because attackers give you very less time frame. Some ransomware attacks lock the computer system in a manner which are very challenging even for a knowledgeable person to crack. Hackers uses cryptography (The process of converting ordinary plain text into incomprehensible code) to encrypt the organization’s or victim’s files, making them inaccessible, and demands a ransom amount to decrypt the files.
In this attack it creates a ransom note named README.txt. Every time a user logs in, the ransom note is opened by an autorun key named “Microsoft Update System Web-Helper”
As shown above, Thanatos creates a new key for each infected client, the programmers have no way to decrypt clients’ files as these keys are not saved anywhere. The current ransom amount is $200 USD accepted in Bitcoin, Ethereum, or Bitcoin Cash and the email address associated with this campaign is thanatos1.1[@]yandex[.]com.
While the encryption part of Thanatos is a wreck, the ransomware introduces something new. That is being the first ransomware to acknowledge Bitcoin Cash as a payoff installment. For those new to Bitcoin Cash, it is another digital money that was spun off from Bitcoin. At the point when Bitcoin hit square 478,558, Bitcoin was forked into another digital money called Bitcoin Cash. When this fork happened, Bitcoin holders were then given a proportional measure of Bitcoin Cash. For instance, if a client had 2 Bitcoins at the season of the fork, they would have gotten 2 Bitcoin Cash too.
How to protect yourself from ransomware?
- Backup your files
- Do not click on links, if you do not know who sent them.
- Also scan attachments, links with tools like VirusTotal.
- Make sure all operating system updates are installed.