Cardiologist allegedly created and sold ransomware tools to hackers

The United States Department of Justice (DOJ) has accused a Moises Luis Zagala Gonzalez, a 55-year-old cardiologist in Venezuela, of creating and selling ransomware tools used to extort victims. He was officially charged with attempted computer intrusions and conspiracy to commit computer intrusions. The criminal complaint was unsealed on May 16 in a federal court in Brooklyn, New York.

Zagala — who went by the nicknames “Aesculapius,” “Nosophoros” and “Nebuchadnezzar” — also allegedly trained cybercriminals how to use the ransomware and made agreements to receive a share of any profits.

One of the ransomware tools Zagala allegedly designed, known as “Thanos,” allowed his customers to design their own ransomware software, which they could then use themselves or rent out to other cybercriminals. An Iranian state-sponsored hacking group used Thanos to attack various Israeli companies, according to the DOJ.

“We allege Zagala not only created and sold ransomware products to hackers, but also trained them in their use,” Michael J. Driscoll, assistant director-in-charge of the FBI’s New York Field Office, said in an official statement. “Our actions today will prevent Zagala from further victimizing users. However, many other malicious criminals are searching for businesses and organizations that haven't taken steps to protect their systems — which is an incredibly vital step in stopping the next ransomware attack.”

“Combating ransomware is a top priority of the DOJ and of this office,” added Breon Peace, U.S. attorney for the Eastern District of New York. “If you profit from ransomware, we will find you and disrupt your malicious operations.”

The FBI communicated with Zagala through a confidential human source in May 2020. In October of that same year, that source received a “short tutorial” from Zagala about how to establish a crew of hackers to use the ransomware. The cardiologist also allegedly discussed his process with this FBI source, noting that “almost all” big networks he attacks end up paying the ransom.

Zagala faces up to five years in prison for the attempted computer intrusion charges and up to five years in prison for the conspiracy to commit computer intrusions charges.

Related Cybersecurity and Ransomware Content:

U.S. government, American Hospital Association warn of potential Russian cyber attacks

Health data breaches increased three-fold in 2021

Likelihood of cardiac devices being hacked is low — but stakeholders should remain vigilant

Data breaches linked to more fatal MIs

 

Michael Walter
Michael Walter, Managing Editor

Michael has more than 18 years of experience as a professional writer and editor. He has written at length about cardiology, radiology, artificial intelligence and other key healthcare topics.

Around the web

Ron Blankstein, MD, professor of radiology, Harvard Medical School, explains the use of artificial intelligence to detect heart disease in non-cardiac CT exams.

Eleven medical societies have signed on to a consensus statement aimed at standardizing imaging for suspected cardiovascular infections.

Kate Hanneman, MD, explains why many vendors and hospitals want to lower radiology's impact on the environment. "Taking steps to reduce the carbon footprint in healthcare isn’t just an opportunity," she said. "It’s also a responsibility."