Security researchers have recently uncovered a ransomware variant called DoppelPaymer. The new variant was discovered by experts from CrowdStrike. Reportedly, it shares most of its code with another well-known ransomware, BitPaymer. The variant was found to have been used in various campaigns targeting government agencies in June 2019, including attacks against the City of Edcouch, Texas and the Chilean Ministry of Agriculture.
Key highlights
Worth noting
CrowdStrike speculates that this new variant might be the work of an offshoot of the INDRIK SPIDER group. INDRIK SPIDER is the threat actor group behind the creation of Dridex and BitPaymer.
“There are a number of differences between DoppelPaymer and BitPaymer, which may signify that one or more members of INDRIK SPIDER have split from the group and forked the source code of both Dridex and BitPaymer to start their own Big Game Hunting ransomware operation,” said the firm in a blog post.