The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on. The ransomware is being promoted as a Ransomware-as-a-Service on Russian-speaking hacker forums since February. It includes a built-in unencrypted file stealer, automated spreading to other devices, and the adoption of the RIPlace evasion technique. Microsoft told BleepingComputer that this technique is not considered a vulnerability as it does not satisfy their security servicing criteria.
Source: https://www.bleepingcomputer.com/news/security/thanos-ransomware-auto-spreads-to-windows-devices-evades-security/