Ransomware
Grief
First seen: 2021-06 • Status: inactive
Currently Inactive
Grief ransomware was likely DoppelPaymer with a new name. They famously attacked the NRA.
Overview
Grief is believed to be a rebrand of DoppelPaymer. They threatened NRA data release and targeted critical infrastructure.
Also Known As
Pay or Grief
How It Spreads
- • Phishing
- • Initial access brokers
What It Does
- • File encryption
- • Data theft
- • Political targeting
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Watch for DoppelPaymer variants
MITRE ATT&CK Techniques
T1486, T1567
If You're Infected
- 1.
Standard ransomware response
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required