Another ransomware program is infecting computers, and it’s demanding Bitcoin Cash to let users unlock their files. A report at Bleeping Computer highlights the new ransomware, dubbed Thanatos, that was unearthed by security experts at MalwareHunter Team.
What makes this particular infection noteworthy is that it creates an encrypted file, but the key is not saved anywhere. Whether by accident or design, there’s no way to easily unlock a computer once it’s been compromised. Even if you do pay the ransom, it’s unlikely the developers of the malware will ever be able to decrypt your data.
It is possible to use a brute force method to discover the encryption key, however. Users infected with Thanatos are strongly advised not to pay the ransom and instead contact a cyber security firm for assistance.
After a computer is infected, all the encrypted filename extensions are changed to .THANATOS. A ransom note in the form of a README.txt file pops up whenever the user tries to log on, demanding $200 in cryptocurrency to decrypt the files.
Thanatos is noteworthy in that it’s the first ransomware scam to accept Bitcoin Cash for payment, along with Bitcoin and Ethereum. Bitcoin Cash is a spin-off of regular Bitcoin caused by a “hard fork” in the currency, similar in practice to a stock split.
Cryptocurrency is quickly becoming the payment method of choice for online extortionists; CCN reports that 34 ransomware schemes netted $25 million over a two-year period. Most criminals were using the Bitcoin exchange BTC-e to redeem their extorted funds. BTC-e has been used to launder money in the past, and several countries have called for legal oversight of the shadowy exchange.
Bleeping Computer has an in-depth guide that outlines some steps you can take to protect your data, such as anti-ransomware security software that includes behavioral detection algorithms. We’ve also compiled an overview of some of the best free anti-virus software to help keep your computer up and running.
You’ve heard it a hundred times, but it bears repeating: Always back up your data, always update your OS to the latest version, and don’t use the same passwords for multiple applications.
- Garmin reportedly used decryption key, may have paid ransom after cyberattack
- Garmin services down after reported ransomware attack
- Dozens of major Twitter accounts hacked in massive Bitcoin scam
- Garmin services slowly coming back to life after reported ransomware attack
- The 7 worst Bitcoin scams