Ransomware Group:
Doppelpaymer
Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore original files. It is recognizable by its trademark file extension added to encrypted files: .doppeled. It also creates a note file named: ".how2decrypt.txt".
Activity over time
Worldmap
24 Victims
Office of the Attorney General
Discovery Date: 2021-04-10 00:00
Azusa police department
Discovery Date: 2021-03-01 00:00
Manutan
Discovery Date: 2021-02-21 00:00
Kia Motors America (KMA)
Discovery Date: 2021-02-16 00:00
Cuyahoga Metropolitan Housing Authority
Discovery Date: 2021-02-08 00:00
Foxconn
Discovery Date: 2020-11-29 00:00
Delaware County
Discovery Date: 2020-11-28 00:00
Compal
Discovery Date: 2020-11-08 00:00
Banijay Group SAS
Discovery Date: 2020-11-01 00:00
Chatham County Government
Discovery Date: 2020-10-28 00:00
Hall County
Discovery Date: 2020-10-07 00:00
Newcastle University
Discovery Date: 2020-08-30 00:00
4 Canadian courier divisions of TFI International's Canpar Express
Discovery Date: 2020-08-19 00:00
Boyce Technologies (device manufacturer- transit communication systems and now ventilators b/c of COVID-19)
Discovery Date: 2020-08-01 00:00
Knoxville PD and City of Knoxville, TN (Knox County)
Discovery Date: 2020-06-11 00:00
City of Florence, Alabama
Discovery Date: 2020-06-05 00:00
Digital Management Inc. (NASA Contractor)
Discovery Date: 2020-06-03 00:00
Mitsubishi
Discovery Date: 2020-06-01 00:00
Kimchuk
Discovery Date: 2020-03-05 00:00
City of Torrance (Los Angeles County)
Discovery Date: 2020-03-01 00:00
Visser Precision
Discovery Date: 2020-02-01 00:00
Bretagne Telecom
Discovery Date: 2020-01-01 00:00
Chilean Ministry of Agriculture
Discovery Date: 2019-06-01 00:00
City of Edcouch
Discovery Date: 2019-05-25 00:00