On July 6 and July 9, 2020, we observed files associated with an attack on two state-run organizations in the Middle East and North Africa that ultimately installed and ran a variant of the Thanos ransomware.

Recorded Future’s Insikt Group® has developed new detection methods for Thanos ransomware as part of an in-depth investigation. Data sources included the Recorded Future® Platform, online multiscanner repositories, and various OSINT tools.

Recorded Future’s Insikt Group® has developed new detection methods for Thanos ransomware as part of an in-depth investigation. Data sources included the Recorded Future® Platform, online multiscanner repositories, and various OSINT tools.

Mar 23, 2022 · Identifying Thanos as the Source for the Prometheus, Haron, Spook, and Midas ransomware variants. Tracing the evolution of Thanos based ransomware variants back to the source provides threat researchers with an inside look at how ransomware gangs operate and evolve over time.

Jun 10, 2020 · The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye...

Thanos ransomware targets its victims through trojanized downloads. Once active, the ransomware has the ability to move laterally (spreading via SMB). This tool is far more complex and robust than many previous builder-based ransomware services such as …

Dec 9, 2022 · Thanos was discovered by GrujaRS. This ransomware encrypts files, modifies filenames and generates a ransom message. It renames files by appending the ".locked " extension. Therefore, after encryption, " 1.jpg " is renamed to " 1.jpg.locked ", " 2.jpg " to " 2.jpg.locked ", and so on.

Mar 1, 2021 · It deletes registry keys related to antivirus programs. Doing this allows this malware to execute its routines without being detected by installed antivirus programs. It avoids encrypting files with the following file extensions.

Jul 16, 2020 · Last week, FortiGuard Labs captured a new Thanos ransomware sample. This ransomware is being popularly advertised on the underground market as a Ransomware-as-a-Service (RaaS) tool. In this blog we will present the analysis of the captured sample. This malware was written in C# (C-Sharp).

Nov 19, 2020 · Online sandbox report for Thanos.exe, tagged as ransomware, verdict: Malicious activity