Man charged for selling ransomware to Iranian IRGC hackers

A French-Venezuelan cardiologist has been accused by the US of selling ransomware to cybercriminals, including malicious actors associated with the government of Iran and its terrorist designated IRGC hackers.

The Brooklyn district attorney’s office said Monday that Moises Luis Zagala, 55, not only created and sold ransomware products to hackers, but also trained them on how to extort victims, and then boasted about successful attacks by an Iranian state-sponsored hacking group.

In early 2019, Zagala began advertising his new tool on the web as a “Private Ransomware Builder” which he named “Thanos” after the Marvel Comics villain responsible for destroying the half of life in the universe, as well as Thanatos, the personification of death in Greek mythology.

Zagala publicly bragged about a news story about an Iranian IRGC hackers group’s use of Thanos to commit ransomware attacks on Israeli companies.

The Islamic Republic is very active in various malign cyber activities and is also providing cyber technology to its proxies, including the Lebanese Hezbollah, to build their own cyber units.

The National Interest reported in mid-April that Iran has helped Hezbollah become “the most sophisticated and influential Middle Eastern terrorist organization in cyberspace after the collapse of the Islamic State caliphate”.

Earlier in April, Meta, formerly the Facebook company, removed two Iranian cyber espionage groups that were targeting academics, activists, journalists, and other victims to collect intelligence, manipulate them into revealing information, and compromise their devices and accounts.

The groups, possibly sponsored by Revolutionary Guard (IRGC), targeted the Iranian diaspora, dissidents and human rights activists from Israel and Iran, Iran-focused academics, politicians in the US, people in the Middle East including the Saudi military, and journalists around the world.

Zagala’s current whereabouts are unknown, but the FBI has requested that a warrant be issued for his arrest. If convicted, he faces up to 10 years in prison.

Latest news
Related news