BitPaymer is a new ransomware variant that has been discovered in 2019. Beginning in June 2019, this new version was responsible for a string of ransomware attacks, including attacks on the Georgia Election Committee, City of Edcouch, Texas, and the Chilean Ministry of Agriculture. It has since been dubbedDopplePaymer because it shares a lot of code with INDRIK SPIDER's BitPaymer ransomware.
However, there are some discrepancies between DopplePaymerand BitPaymer, which may indicate that one or more members of INDRIK SPIDER have broken away from the community and forked the Dridex and BitPaymer source code to launch their own Big Game Hunting ransomware operation.Compal, the world's second-largest laptop maker, was also recently hit by a DopplePaymer ransomware attack.
Though Compal denies being a victim of this group's assault, a ransom note was discovered that proves otherwise. The ransom note requested 1,100 Bitcoins, which is approximately$16.7 million. DopplePaymer takes data stolen during an attack and leaks iton the dark web when ransoms are not paid.In 2020, DopplePaymer ransomware was responsible for a cyber-attackwhich crippled a hospital in Germany. After forcing medical systems offline, the hospital was forced to transfer some of the patients.One of the critical patients lost their life because of the delay in care which is believed to be the first official death caused directly by a ransomware attack.
Read the full report here: IR-21-117-005-DopplePaymer.pdf