
Thanatos Ransomware

Posted: February 19, 2018

The Thanatos Ransomware is a file-locking Trojan capable of encrypting your files so that they no longer open. While its attacks also include ransoming messages that offer a premium data-restoring option, this solution is a hoax, and malware experts strongly encourage using other recovery methods as necessary. Since this threat causes data loss that may be irreparable, you should always have your anti-malware products delete the Thanatos Ransomware as soon as they identify its presence on your PC.

Digital Death Arrives with a Tactic for Your Files

A file-locking threat without a definitive ancestry, such as ties to the Turkish Hidden Tear project or the data-deleting Jigsaw Ransomware, is beginning to appear in multiple threat databases across the PC anti-virus sector. What's most relevant about this new Trojan, the Thanatos Ransomware, isn't its method of damaging files, but how it follows up that attack. Malware experts are verifying the Thanatos Ransomware's campaign as being another case of cybercrooks trying to extort their victims without delivering the promised goods.

The Thanatos Ransomware may attack different formats of media, such as documents, spreadsheets, pictures or audio clips. The Thanatos Ransomware converts each file into an encrypted variant that fails to open in its regular application and also adds the '.THANATOS' extension to its name. This label is a reference to Greek mythology's equivalent of the 'Grim Reaper' archetype, although the Thanatos Ransomware uses English-based components, rather than ones specific to Greece.

The Thanatos Ransomware's simple ransom note, a Notepad file, is where malware experts find the semi-unique details regarding this threat. The Trojan asks for a small Bitcoin ransom (0.01 BTC, or roughly 110 USD), and gives the user an address for paying and an e-mail address to contact for the decryptor. However, the Thanatos Ransomware generates a new key for every file that it locks and then discards that key, instead of uploading or otherwise saving it. This unusual trait means that the victims are paying a ransom in return for nothing.

Avoiding the Untimely Demise of What's on Your PC

While some file-locking Trojans do retain the information required for unlocking anything they've encrypted once the user abides by any prerequisite conditions, this isn't universally true. The Thanatos Ransomware's encryption method may not be completely secure, and users without backups can still try some advanced restoration solutions with the help of appropriate, experienced cryptography researchers. However, storing a remote backup is always the default recommendation of malware analysts for defending your data against both the Thanatos Ransomware and all other Trojans wielding non-consensual encrypting features.
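To scope the damage before restoring from a backup, the following added example (not part of the original article) lists files carrying the '.THANATOS' extension and checks each one against a backup tree. It assumes the extension is appended to the full original file name; the directory layout and sample files are constructed for the demonstration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

MARKER = ".thanatos"  # extension named in this article, matched case-insensitively


def inventory(root, backup_root=None):
    """Return (restorable, unrecoverable, by_type) for files carrying the marker.

    Paths are relative to root with the marker stripped. Assumption: the marker
    is appended to the full original name, e.g. report.docx.THANATOS.
    """
    root = Path(root)
    restorable, unrecoverable, by_type = [], [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(MARKER):
                continue
            original = (Path(dirpath) / name[: -len(MARKER)]).relative_to(root)
            by_type[original.suffix.lower() or "(none)"] += 1
            # A file counts as restorable only if the backup holds the same path.
            if backup_root and (Path(backup_root) / original).is_file():
                restorable.append(original)
            else:
                unrecoverable.append(original)
    return sorted(restorable), sorted(unrecoverable), by_type


def demo():
    """Build a constructed sample tree and backup, then run the inventory."""
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp) / "live", Path(tmp) / "backup"
        (live / "docs").mkdir(parents=True)
        (backup / "docs").mkdir(parents=True)
        for rel in ("docs/report.docx.THANATOS", "docs/budget.xlsx.thanatos",
                    "photo.jpg.THANATOS", "notes.txt"):
            (live / rel).write_bytes(b"constructed sample")
        for rel in ("docs/report.docx", "photo.jpg"):
            (backup / rel).write_bytes(b"constructed backup copy")
        return inventory(live, backup)


if __name__ == "__main__":
    ok, lost, kinds = demo()
    print("restorable from backup:", [str(p) for p in ok])
    print("no backup copy:", [str(p) for p in lost])
    print("by original type:", dict(kinds))
```

Run `inventory()` against a read-only mount or disk image of the affected system so the check itself does not modify any files.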

Besides its ransom size being relatively modest, there are limited clues as to how the Thanatos Ransomware's campaign is distributing the Trojan. Smaller ransom demands are often associated with attacks against recreational or random PC owners, which can occur via file-sharing networks or unsafe Web-browsing content. E-mail attachments are also prolific infection vectors for most threats of this classification. Even when accounting for each of these infection methods, a patched anti-malware program should remove the Thanatos Ransomware automatically.

The Thanatos Ransomware's author is profiting from doing nothing more than attacking PCs and pretending to fix them. This segment of the threatening software industry fuels itself on the gullibility of the individuals it victimizes, and blindly handing cryptocurrency over to a con artist is an ongoing part of the problem.
