Saturday, October 31, 12:36
Home security DoppelPaymer Ransomware: Creating a site to leak victim data

DoppelPaymer Ransomware: Creating a site to leak victim data

The hackers behind the DoppelPaymer Ransomware have made one website, which they intend to use to "Shame" the victims, who choose not to pay ransom. This means that hackers will start to publish archives who had stolen from them systems victims before they begin their encryption.

This method extortion started by them hackers of Maze Ransomware. Criminals began stealing files before encryption to blackmail the victims if they did not want to pay the ransom.

If the ransom is not paid, the ransomware gangs publish the stolen files on a news site to expose the victim. This can cause many problems. The victim can receive fines, lawsuits, while he may be charged with a misdemeanor data and other people (eg if the victim is a business that operates data customers and employees).

After the hackers of Maze Ransomware, other groups started following the same tactic (Sodinokibi, Nemty and DoppelPaymer).

The team behind DopplePaymer ransomware creates site to leak data

The site created by the hackers is called 'Dopple Leaks' and will be used to leak files and expose non-ransom victims.

Hackers created this site to threaten victims and make them believe that their data and names will leak into Internet.

The ransomware gang said that the site is currently on trial phase.

Currently, there are on the site four Companies, which according to hackers did not pay the ransom:

  • A company based in USA (with activities on and off). Reserve: 15 bitcoins (~ $ 150K).
  • A French telecommunications and cloud services company. Reserve: 35 bitcoins (~ $ 330K).
  • A logistics company based in South Africa. Reserve: 50 bitcoins (~ $ 500K).
  • The state-owned oil company Pemex Mexico attacked by the DoppelPaymer ransomware gang on November 10, 2019. The attackers demanded 568 bitcoins ($ 4,9 million at the time).

Most of the files available to hackers belong to Pemex.

For the other three companies, they stole only a few archives because there was "nothing interesting" or because "it was not our goal", as the hackers said.

The hackers said that now that they have this site, they will be stealing other information.

Treat ransomware attacks as data breaches!

Ransomware attacks should be treated as data breaches.

For years, ransomware gangs have been known to steal files before they encrypt their computers to threaten victims.

However, only recently has this practice started to apply. That's why companies must report the theft of information and deal with these attacks as data breaches.

This has to be done because hackers steal not only corporate data, but also supplier, customer and employee data.

Η transparency is very important, as hiding ransomware attacks puts many people at risk.


Please enter your comment!
Please enter your name here

Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


How can you view older versions of a site?

Wayback Machine is an online service that takes screenshots from sites, allowing its users to see what a site was like ...

The Marriott breach fine was reduced to $ 23,8 million

The fine imposed by the British security observer, at the Marriott hotel unit due to data breach, was reduced by 14,4 million £ ...

How to view changes in a Microsoft PowerPoint presentation

While Microsoft 365 subscribers can collaborate in real time on a PowerPoint presentation, some prefer to work alone ...

iPhone / iPad: How to add bookmarks to multiple tabs in Safari

Safari on iPhone and iPad has a hidden feature that allows you to add bookmarks to all open sites ...

NordPass notifies you if your data has been compromised

NordPass password manager has announced a new update, which will help users find out if their data ...

How to change Screen Saver on Android TV

Android TV may not be as customizable as an Android phone, but there is still plenty you can do to ...

USA: Co-operation needed to tackle online child abuse

The Assistant Attorney General of the United States, Beth Williams, calls on all people to take action and unite for ...

Russian hackers targeted the Democratic parties of California and Indiana

The group of Russian hackers who are accused of interfering in the 2016 presidential elections in the USA, this year are accused of targeting emails ...

Educational institutions faced with spear-phishing attacks!

Educational institutions are increasingly being targeted by spear-phishing attacks, according to a new study by security company Barracuda Networks. According to...

Samsung: Find your lost cell phone with the SmartThings Find service

Today Samsung announced SmartThings Find as a free service to help you find your Galaxy phone, tablet, ...