"Doctor Accused of Being Prolific Ransomware Developer"

US authorities have accused a 55-year-old doctor of developing, selling, and renting out ransomware to cybercriminals worldwide.  Moises Luis Zagala Gonzalez (Zagala), aka “Nosophoros,” “Aesculapius,” and “Nebuchadnezzar,” is a French and Venezuelan citizen.  According to the Department of Justice (DoJ), the cardiologist, who lives in Ciudad Bolivar in Venezuela, has been charged with attempted computer intrusions and conspiracy to commit computer intrusions.  He is also accused of developing the Jigsaw v2 variant, which features a “Doomsday” counter that completely erases a victim’s hard drive if they try and fail to get rid of the malware too many times.  Zagala is also linked to ransomware-as-a-service (RaaS) offering Thanos, which allows clients to customize it and then use or rent it out to others.  The DoJ said that affiliates were given access to the RaaS builder in return for a share of the profits from any subsequent attacks.  An FBI source contacted Zagala in May 2020, and the latter offered to license a ransomware program to them for $500 per month.  In a subsequent conversation, he allegedly explained to the source how to set up an affiliate program.  Zagala told another FBI source that he changed his online moniker to Nebuchadnezzar to throw malware analysts off the scent.  According to reviews posted on the dark web and republished by the DoJ, one customer said Thanos enabled them to infect a network of 3000 computers.  It’s unclear if Zagala is still at large, but if convicted, he faces five years imprisonment for attempted computer intrusion and another five years for conspiracy to commit computer intrusions.

Infosecurity reports: "Doctor Accused of Being Prolific Ransomware Developer"