Need The Best IT Services?

Call Us Today!

(719) 355-2440

The U.S. Names and Shames a Venezuelan Cardiologist as a Notorious Ransomware Maker

Key Points:

  • The FBI has named a Venezuelan heart doctor the alleged mastermind of the notorious Thanos and Jigsaw version ransomware.
  • The Justice Department says that the 55-years old cardiologist developed and distributed Jigsaw and Thanos software that allowed attackers to deploy their ransomware variant.
  • Luis Gonzalez allegedly rented out and sold ransomware tools to attackers starting in 2019, teaching the attackers how to use the tools.
  • What makes him unique is that he provides extensive technical support for people buying his software in case they face problems deploying attacks against victims.

The U.S. Department of Justice says that Moises Luis Zagala Gonzalez — a 55-year-old Venezuelan cardiologist — is the alleged creator of Jigsaw v.2 and Thanos ransomware strain.

According to a U.S. criminal complaint unsealed on May 16th, 2022, Gonzalez allegedly engaged in attempted computer intrusion and conspiracy to commit computer intrusion.

YouTube video

Hear From Our
Happy Clients

Read Our Reviews
Read Reviews about Colorado Computer Support

Selling Ransomware as a Service (RaaS) Platform

The self-taught developer allegedly designed two ransomware packages to encrypt files on victims’ systems before demanding ransom in exchange for a decryption key. The cardiologist built ransomware tools such as:

  • Jigsaw Version 2
  • Thanos — a more sophisticated ransomware builder named after Marvel super villain

Criminals could use the Thanos platform to develop ransomware with custom ransom features that would frustrate security researchers and a “data stealer center” that they’d use to steal files from compromised systems.

The cardiologist allegedly profited from running the RaaS operation by selling his software to other cybercriminals and obtaining payments in bitcoin.

An Extreme Approach to Ransomware Attack

Apart from developing the ransomware, Gonzalez went ahead to advertise and sell it on cybercriminals’ internet forums. The cardiologist would then sell his ransomware tool to criminals targeting businesses.

Surprisingly, he allegedly offered excellent technical support for customers who had difficulty deploying attacks. If an attacker found Zagala’s platform not working correctly, they would send an email to Dr. Gonzalez for help to deploy the attack.

The Damage The Two Ransomware Strain Caused

Zagala, also known as Jay Tee, pleaded guilty to conspiracy to commit wire fraud in August 2019. The FBI says that the cardiologist began developing ransomware in 2016.

In 2017, he and his conspirators launched the Jigsaw ransomware, which encrypts a victim file and asks for a ransom to be paid in bitcoin to decrypt the files.

The FBI further insisted that Zagala then created a 2.0 version of Jigsaw ransomware designed to update the older ransomware program. He then developed a ransomware-creation tool called Thanos.

According to the plea agreement, the Jigsaw v.2 ransomware has encrypted over 500,000 files, while the Thanos strain targeted healthcare facilities globally. Zagala admitted that he and his conspirators caused more than $5 million in losses to victims globally.

If Gonzalez is extradited to the U.S. to face charges, law enforcement will have a major victory in the fight against cybercrime.

Your Business Needs to Have Several Security Layers

Such incidences emphasize how aggressive cybercriminals are. The Thanos variant allows ransomware authors to inject malicious software into Windows genuine processes, which are usually whitelisted.

Such a variant can encrypt files by bypassing security solutions.

You need several security layers to protect your business from several techniques used by advanced ransomware. You never know where and when the threat is going to come from. You need to prepare and be ready to bounce back if successfully hit by ransomware.

Colorado Computer Support Will Help Your Business Protect Itself From Cyberattacks

Colorado Computer Support can constantly watch your system to protect your business and customers. With the changing and evolving cybersecurity threats, hackers continuously look for vulnerabilities to exploit.

We can help you have a multi-layered system to take a preventive approach. Contact us today for help in protecting your business against cybersecurity threats.


Searching For A Reliable Technology Service and IT Management Team?

Connect With CCS To Schedule An Initial Consultation
You consent to receive text communication from Colorado Computer Support by entering your phone number. Rates and terms may apply—text STOP to opt-out.

Latest Blog Posts

Auto Responders Are A Terrible Idea For Business Executives Out Of Office
Auto Responders Are A Terrible Idea For Business Executives Out Of Office

Discover why auto responders can be detrimental for business [...]

Read More
Unlock the Secret to Perfect iPhone Photos: 3 Tips Every Photographer Must Know!
Unlock the Secret to Perfect iPhone Photos: 3 Tips Every Photographer Must Know!

Learn how to take perfectly level photos with your iPhone using these [...]

Read More
How To Permanently Delete Your Data
How To Permanently Delete Your Data

Working with attorneys recently, I found out about the importance of [...]

Read More
Read The CCS Tech Blog

Certified and Verified Service-Disabled Veteran-Owned Small Business (SDVOSB)

Colorado Computer Support is a local IT company certified and verified service-disabled veteran-owned Small Business. When you use our IT services, you can be confident that you are dealing with a company owned by a disabled veteran and that they will be able to provide you with the best possible IT support.