Thanatos Ransomware Is First to Use Bitcoin Cash. Messes Up Encryption (decryption difficult/impossi

LASER_oneXM

Feb 4, 2016
Ransomware developers continue to release infections that are clearly not tested well and contain bugs that may make it difficult, if not impossible, for victims to recover their files. Such is the case with the new in-the-wild ransomware called Thanatos that has been discovered by security researcher MalwareHunterTeam.

When the Thanatos Ransomware infects a victim, it will use a new key for each encrypted file. The problem, according to researcher Francesco Muroni, is that these keys are never saved anywhere. This means that if a user pays the ransom, the ransomware developer does not have a method that will actually be able to decrypt each file. Therefore, it is not recommended that victims pay the Thanatos ransom for any reason.

The good news is that, according to Muroni, it may be possible to brute-force the encryption key for each file. This would take quite a bit of time and would require the file to be a common file type with a known magic header.
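The magic-header requirement mentioned above, shown as an added example that is not part of the original post or the researchers' tooling: each candidate key is tried on the first bytes of the file only, and the known file signature decides whether the candidate survives. The post does not state the cipher or how keys are generated, so the `keystream` function, the 16-bit seed space and the sample file are assumptions constructed for illustration.

```python
import hashlib

# File signatures used as the known-plaintext check for a trial decryption.
MAGIC = {"png": b"\x89PNG\r\n\x1a\n", "pdf": b"%PDF-", "zip": b"PK\x03\x04"}

def keystream(seed: int, length: int) -> bytes:
    """Stand-in cipher (assumption): SHA-256 in counter mode over a small seed."""
    out, counter = b"", 0
    while len(out) < length:
        block = seed.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]

def xor_crypt(data: bytes, seed: int) -> bytes:
    """Encrypt or decrypt (same operation) with the stand-in keystream."""
    return bytes(a ^ b for a, b in zip(data, keystream(seed, len(data))))

def recover_seeds(ciphertext: bytes, magic: bytes, seed_space) -> list:
    """Return every seed whose trial decryption of the header equals the magic bytes."""
    head = ciphertext[:len(magic)]  # only the header is decrypted per candidate
    return [s for s in seed_space if xor_crypt(head, s) == magic]

def recover_file(ciphertext: bytes, file_type: str, seed_space) -> list:
    """Decrypt the whole file with each surviving seed; short signatures can
    leave several candidates, which need a second format check."""
    if file_type not in MAGIC:
        raise ValueError("no known magic header: nothing to test candidates against")
    seeds = recover_seeds(ciphertext, MAGIC[file_type], seed_space)
    return [(s, xor_crypt(ciphertext, s)) for s in seeds]

# Constructed sample: a fake PNG body encrypted under a per-file seed that is
# then thrown away, as the post describes.
SAMPLE_PLAINTEXT = MAGIC["png"] + b"constructed sample image body"
SAMPLE_SEED = 48211
SAMPLE_CIPHERTEXT = xor_crypt(SAMPLE_PLAINTEXT, SAMPLE_SEED)

if __name__ == "__main__":
    for seed, plain in recover_file(SAMPLE_CIPHERTEXT, "png", range(1 << 16)):
        print(seed, plain)
```

A file type without a fixed signature gives the search nothing to test against, which is why the post limits recovery to common formats.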
 
