Sunday, February 21, 16:57
Home security DoppelPaymer Ransomware: Creating a site to leak victim data

DoppelPaymer Ransomware: Creating a site to leak victim data

The hackers behind the DoppelPaymer Ransomware have made one website, which they intend to use to "Shame" the victims, who choose not to pay ransom. This means that hackers will start to publish archives who had stolen from them systems victims before they begin their encryption.

This method extortion started by them hackers of Maze Ransomware. Criminals began stealing files before encryption to blackmail the victims if they did not want to pay the ransom.

If the ransom is not paid, the ransomware gangs publish the stolen files on a news site to expose the victim. This can cause many problems. The victim can receive fines, lawsuits, while he may be charged with a misdemeanor data and other people (eg if the victim is a business that operates data customers and employees).

DoppelPaymer Ransomware

After the hackers of Maze Ransomware, other groups started following the same tactic (Sodinokibi, Nemty and DoppelPaymer).

The team behind DopplePaymer ransomware creates site to leak data

The site created by the hackers is called 'Dopple Leaks' and will be used to leak files and expose non-ransom victims.

Hackers created this site to threaten victims and make them believe that their data and names will leak into Internet.

The ransomware gang said that the site is currently on trial phase.

Currently, there are on the site four Companies, which according to hackers did not pay the ransom:

  • A company based in USA (with activities on and off). Reserve: 15 bitcoins (~ $ 150K).
  • A French telecommunications and cloud services company. Reserve: 35 bitcoins (~ $ 330K).
  • A logistics company based in South Africa. Reserve: 50 bitcoins (~ $ 500K).
  • The state-owned oil company Pemex Mexico attacked by the DoppelPaymer ransomware gang on November 10, 2019. The attackers demanded 568 bitcoins ($ 4,9 million at the time).

Most of the files available to hackers belong to Pemex.

For the other three companies, they stole only a few archives because there was "nothing interesting" or because "it was not our goal", as the hackers said.

The hackers said that now that they have this site, they will be stealing other information.

DoppelPaymer Ransomware

Treat ransomware attacks as data breaches!

Ransomware attacks should be treated as data breaches.

For years, ransomware gangs have been known to steal files before they encrypt their computers to threaten victims.

However, only recently has this practice started to apply. That's why companies must report the theft of information and deal with these attacks as data breaches.

This has to be done because hackers steal not only corporate data, but also supplier, customer and employee data.

Η transparency is very important, as hiding ransomware attacks puts many people at risk.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

How to add special effects to Instagram messages

Did you know that you can make instant Instagram messages more impressive? Like any other Instagram feature, you can add special ...

Only 270 addresses are responsible for 55% of all money laundering

Cybercriminals who keep their money in cryptocurrencies tend to "launder" money through a small set of online services, according to ...

Twitter: Voice messages are coming! How do we send them?

Twitter will soon support voice messages in both iOS and Android applications. This means that you will be able to send ...

How to connect a Bluetooth headset to a Nintendo Switch

The Nintendo Switch has a headphone jack. However, most headphones have become wireless so you will need a way to connect them ...

How to hide your phone number in Telegram

If you wish to create a Telegram account, you must provide your telephone number. In this way, Telegram validates the ...

Google Assistant: How can you delete your recordings?

Google Assistant can make your daily life much easier. However, it also involves some privacy issues, as ...

Microsoft: Office 2021 / Office LTSC coming in the second half of 2021

Microsoft announced that the Microsoft Office Long Term Service Channel (LTSC) and Office 2021 will be released in 2021, for ...

How to quickly create QR codes with Bing

If you ever need to create a QR code, but you do not know how, Microsoft has an easy-to-use tool available in any program ...

Brave: Onion addresses leaked to DNS traffic

The Tor function included in the Brave web browser, allows users to access .onion dark web domains within ...

What are the 6 most known attacks on gaming companies?

A few days ago, the gaming company Big Huge Games informed the players that it was the victim of an attack, which affected its data ...