Restore files that were encrypted by Thanatos malware

Discussion in '0-day Release' started by RGiskardR, Jun 28, 2018.

  1. RGiskardR

    RGiskardR Malware Tester Silver Member

    [​IMG]
    Thanatos is a ransomware variant that has been distributed using malware campaigns over the past few months.

    Attack vectors include distribution through chat rooms on the Discord chat platform but also through other channels. Users need to execute specifically prepared files on Windows PCs to initiate the ransomware infection process.

    Different versions of the malware were distributed with Thanatos 1.1 being the most recent version of the ransomware and the likelihood that newer versions will become available.

    The name Thanatos comes from the readme file that attackers plant on the user system. It includes instructions to users to pay a ransom using electronic currency to gain access to a decrypting tool to decrypt files that the ransomware encrypted on the user's device.

    Full reading: https://www.ghacks.net/2018/06/27/restore-files-that-were-encrypted-by-thanatos-malware/
     
    silversurfer and Trim like this.
  2. Google Adsense

  3. Trim

    Trim MTAC Moderator Staff Member Member Of Month - Tweakbytes Defender

    Really useful information, thanks for sharing that @RGiskardR
     
    silversurfer and RGiskardR like this.

Share This Page