
Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine

March 6, 2023

Law enforcement authorities from Germany and Ukraine have targeted suspected core members of a cybercrime group that has been behind large-scale attacks using DoppelPaymer ransomware.

The operation, which took place on February 28, 2023, was carried out with support from the Dutch National Police (Politie) and the U.S. Federal Bureau of Investigation (FBI), according to Europol.

This encompassed a raid of a German national's house as well as searches in the Ukrainian cities of Kiev and Kharkiv. A Ukrainian national was also interrogated. Both individuals are believed to have held crucial positions in the DoppelPaymer group.


“Forensic assessment of the seized machines is even now ongoing to determine the exact job of the suspects and their back links to other accomplices,” the agency further reported.

DoppelPaymer, according to cybersecurity firm CrowdStrike, emerged in April 2019 and shares most of its code with another ransomware strain known as BitPaymer, which is attributed to a prolific Russia-based group called Indrik Spider (Evil Corp).

The file-encrypting malware also exhibits tactical overlaps with the notorious Dridex malware, a Windows-focused banking trojan that has expanded its features to include information-stealing and botnet capabilities.

“On the other hand, there are a number of differences between DoppelPaymer and BitPaymer, which may well signify that one or more members of Indrik Spider have split from the group and forked the source code of both Dridex and BitPaymer to begin their own Big Game Hunting ransomware operation,” CrowdStrike said.

Indrik Spider, for its part, was formed in 2014 by former affiliates of the GameOver Zeus criminal network, a peer-to-peer (P2P) botnet and a successor to the Zeus banking trojan.


However, subsequent increased law enforcement scrutiny into its operations prompted the group to switch tactics, introducing ransomware as a means to extort victims and generate illicit profits.

“The DoppelPaymer attacks were enabled by the prolific Emotet malware,” Europol stated. “The ransomware was distributed through various channels, including phishing and spam email messages with attached files containing malicious code — either JavaScript or VBScript.”

The actors behind the criminal scheme are estimated to have targeted at least 37 companies in Germany, with victims in the U.S. paying no less than €40 million between May 2019 and March 2021.



Some parts of this write-up are sourced from:
thehackernews.com
