The person at the center of this case
Moises Luis Zagala Gonzalez (Fugitive)
Cold Case · Open
4 years waiting · since 2022
MOISES LUIS ZAGALA GONZALEZ
Justice for Moises Luis Zagala Gonzalez (Fugitive) — the trail went cold in 2022, but the truth hasn't.
Start here
Key leads to think about
🔍
evidence
Lead #1What specific companies and institutions were victimized by the Jigsaw v. 2 and Thanos ransomware variants?
🎯
suspect
Lead #2Where is Zagala Gonzalez currently located and what is his current status?
💡
clue
Lead #3Who were the individuals and organizations that purchased licenses for the Thanos ransomware builder?
Moises Luis Zagala Gonzalez is alleged to have designed and sold ransomware tools including 'Jigsaw v. 2' and 'Thanos' between April 2019 and March 2021, profiting through licensing fees and affiliate programs that shared ransom payments from victimized companies. A federal arrest warrant was issued in May 2022 for Attempted Computer Intrusions and Conspiracy to Commit Computer Intrusions in the Eastern District of New York. His current whereabouts remain unknown, and information about his location or activities could help federal authorities apprehend him.
Case
#793
Federal Bureau of Investigation (FBI); United States District Court, Eastern District of New York
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
📞
contact
Lead #4What cryptocurrency wallets or payment methods were used to receive ransom payments and licensing fees?
👤
person
Lead #5Are there associates or co-conspirators who helped design, distribute, or profit from these ransomware tools?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Attempted Computer Intrusions; Conspiracy to Commit Computer Intrusions Caution: From April of 2019, to March of 2021, Moises Luis Zagala Gonzalez allegedly designed and offered for sale multiple ransomware tools. Those tools included a ransomware variant called “Jigsaw v.
2,” which was used to extort money from companies and institutions by encrypting victim files and demanding a ransom for the decryption, as well as “Thanos,” a “Private Ransomware Builder” that was designed to evade antivirus software and has the ability to target specific files by extension. Zagala Gonzalez profited from these alleged actions, including by licensing the “Thanos” software to individuals who paid him a monthly fee and by operating an “affiliate” program in which Zagala Gonzalez received a portion of the ransom payment extorted from the victim.
A federal arrest warrant was issued for Zagala Gonzalez in the United States District Court, Eastern District of New York, Brooklyn, New York, on May 16, 2022, after he was charged with Attempted Computer Intrusions and Conspiracy to Commit Computer Intrusions.
Timeline of Events
📋
2019-04-01
Ransomware Development Period Begins
Moises Luis Zagala Gonzalez allegedly began designing and offering ransomware tools for sale
📋
2021-03-31
Ransomware Distribution Period Ends
Alleged ransomware sales and licensing activities ceased
🕵️
2022-05-16
Federal Arrest Warrant Issued
Warrant issued in United States District Court, Eastern District of New York for Attempted Computer Intrusions and Conspiracy to Commit Computer Intrusions
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:April 1, 2019
Last Updated:June 15, 2026
Leave a comment
Comments
Case Information
Incident:April 1, 2019
Last Updated:June 15, 2026