Wednesday, February 24, 11:13 p.m.

The DoppelPaymer ransomware team behind the Newcastle University hack

Newcastle University, the UK research university, said the team behind DoppelPaymer ransomware had broken into its network, resulting in systems being disconnected on the morning of 30 August. The university added that it would take several weeks for its IT services to return after the hack. The attack is being investigated by the British police and the National Crime Agency, in collaboration with the IT Service of Newcastle University.

More specifically, the university announced that on Sunday, August 30, 2020, it discovered a serious hack that disrupted the operation of its networks and IT systems. As a result, all university systems, with the exception of those mentioned in communications (Office365, including e-mail and Teams, Canvas and Zoom), are either unavailable or available with restrictions. Newcastle University has not yet decided whether to reset account passwords, but says it can do so based on recommendations from in-house support teams and expert advisors.


The investigation into the hack is still at an early stage. IT teams continue to work hard to restore the systems and to work with the police and the National Crime Agency during their investigations. However, it is not possible to disclose further details about the incident until this initial investigation is completed. The ICO and the Office for Students were notified within 72 hours of the hack being detected, according to a university spokesman.

According to the university, many of its IT services are currently offline and will remain down, while those still operating could be taken down without warning during recovery efforts.

Newcastle University also added the following:

  • University members may lose access to their IT accounts without notice, and the accounts may not be reactivated quickly.
  • The university may need access to any IT system maintained or used by its members.
  • Computers, servers or other devices may need to be removed if they are found to be affected, in order to carry out detailed investigations.

During the ongoing investigations, students and staff will only have access to limited IT services, including Office365 (email, Office applications and Teams communication channels), basic SAP and Zoom services. The university also advised students and staff to copy key files from the university's shared drive to their OneDrive accounts.


After Newcastle University reported that it had suffered a hacking attack, the DoppelPaymer ransomware operators claimed responsibility for the incident. They also posted 750Kb of stolen data as proof on the data leak site Dopple Leaks, a tactic adopted by Maze Ransomware since February 2020.

DoppelPaymer is a ransomware operation known to have attacked companies since at least mid-June 2019, gaining access to admin credentials and using them to compromise the entire network and deploy ransomware payloads on all devices. Its operators are also known to demand large ransoms, since their attacks encrypt hundreds or even thousands of systems on their victims' networks.


In November 2019, the Mexican state oil company PEMEX (Petróleos Mexicanos) was attacked with the DoppelPaymer ransomware, with the gang demanding $4.9 million worth of bitcoin as ransom for decrypting files. DoppelPaymer got its name from BitPaymer, with which it shares large chunks of code, but its operators have added many upgrades to the malware for faster operation.

