This 55-year-old French-Venezuelan doctor and hacker is the creator of two dangerous ransomware variants

In a recently filed criminal complaint, the U.S. Department of Justice (DOJ) revealed that Moises Luis Zagala Gonzalez, a 55-year-old French-Venezuelan doctor, is the primary developer of Thanos, a dangerous ransomware generator. In addition to Thanos, Zagala is said to have designed other hacking tools, such as the dangerous Jigsaw v.2 ransomware.

Cybersecurity specialists note that Thanos allowed various groups of threat actors to deploy their own ransomware variants. Zagala also wrote a guide to using his tools and shared various tactics that hacking groups could use to make greater profits from their attacks.

Those interested could obtain a license to access the software or join an affiliate program, developed by Zagala, in which they shared their profits with the developer of Thanos. This malicious tool was marketed through various dark web platforms, with posts referencing its advanced features, such as adapting to any encryption malware variant.

According to the Federal Bureau of Investigation (FBI), an informant turned over detailed information about Thanos, including a tutorial taken directly from the dark web. After doing a little more research, the agents discovered that customers and affiliates frequently turned to Zagala with questions about how the tool worked.

Zagala enjoyed a good reputation among the cybercriminal community. Among the testimonials from his many customers, one stands out: it states that, using Thanos, hackers managed to infect a network of at least 300 computers, and it praises the support provided for the tool.

By the end of 2021, the suspect was already sensing that FBI agents were after him. According to the Agency’s informant, Zagala began to repeatedly change his username on his dark web profiles: “Malware analysts are on me,” he told those close to him. In early May, the FBI identified some relatives of the suspect, based in Florida, confirming Zagala’s identity.

If the U.S. obtains his extradition, Zagala could face a sentence of up to five years in prison for one count of attempted intrusion, and another five years for conspiracy to commit computer intrusions.
