Search Posts

Thanos ransomware auto-spreads to Windows devices, evades security

Hacker forum advertisement


The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on.

Thanos first began private distribution at the end of October 2019, but it was not until January 2020 when victims seeking help for what was called then the Quimera Ransomware.

As time went on, victims continued to seek help in the BleepingComputer forums for the same ransomware, but it was now being identified as Hakbit.

In a new report by Recorded Future, we learn that this ransomware is named Thanos and is being promoted as a Ransomware-as-a-Service on Russian-speaking hacker forums since February.


Thanos ransom note


If you have a business, and are not using commercial grade anti-ransomware and a real backup solution, you aren’t protected.


Contact us.