Thanatos Ransomware becomes the first to use Bitcoin cash

Ransomware developers are constantly releasing new and improved variations of ransomware. Though most of the time, IT experts are able to come up with a secure protection tool, ransomware developers can hold data hostage for as little as 3 hours before they decide to remotely erase everything. The fear factor has been able to extract extraordinary sums from victims.

Just this week, it has emerged that an obscure ransomware like SamSam had made $850,000 since December 2017, while the total cash accumulated by ransomware attacks for 2017 was close to $16 million worldwide, according to a research report.

Money has always been the primary factor behind any ransomware attack. However, since the beginning of 2017 the definition of money has undergone a significant change as well. This has become even clearer after the recent Thanatos ransomware attack which has left thousands of users infected, with a ransom note demanding payment in bitcoins. Bitcoin has effectively become the currency of choice for ransomware developers.

However, greed has also become a notable factor in these instances. What makes Thanatos unique is not its impact but its flaws. The ransomware is full of bugs and broken code. There is no ransomware removal technique that can remove ransomware that is itself broken. It infects the computer but due to its bugs, it cannot be properly decrypted either by the Unique Key or ransomware removal tool.

There is another aspect that makes Thanatos unique; it is the first ransomware that officially accepts Bitcoin Cash. The ransomware also accepts Bitcoin and Etherum but the added option of Bitcoin Cash is the first that has been noted in the years since cryptocurrency gained popularity among ransomware developers.

The ransom note for this ransomware is generated via an autorun key called “Microsoft Update System Web-Helper”. A readme.txt file will be generated where the user can find instructions on how to make the $200 Bitcoin cash payment.

To remove ransomware of this kind, it is recommended that you use System Restore as the bugs in the ransomware make it impossible to crack. Keeping a regular backup of your files makes it easier to perform a System Restore or even a Windows reinstallation.

For assistance with file recovery and ransomware removal, please contact MonsterCloud – cyber security experts for a professional ransomware removal.

Related Posts