Ransomware

DoppelPaymer

First seen: 2019-04 • Status: inactive

Currently Inactive

DoppelPaymer was run by Evil Corp. German police finally caught some of the hackers in 2023.

Overview

DoppelPaymer emerged from BitPaymer and is linked to Evil Corp. German police arrested suspects in 2023.

How It Spreads

  • Dridex infections
  • SocGholish

What It Does

  • File encryption
  • Data theft
  • Evil Corp connection

Target Platforms

Windows

Detection Tips

  • Monitor for Dridex
  • Watch for Evil Corp TTPs

MITRE ATT&CK Techniques

T1486, T1567

If You're Infected

  1. Check OFAC sanctions before payment

Related Malware

Dridex, Grief, WastedLocker
