Security News > 2020 > March > DoppelPaymer Ransomware Slams Supplier to Boeing and Tesla

DoppelPaymer has set up a public website with files from companies it claims it has compromised but have not paid a ransom, and it now lists Visser on that site, together with excerpts of allegedly stolen data.

In an effort to exert even more pressure on victims to pay, in part by trying to name and shame them in public, some ransomware groups are upping the ante by stealing data before they forcibly encrypt everything.

Groups like DoppelPaymer typically kick off their extortion schemes by publishing older and less sensitive data, holding back newer and perhaps more sensitive data to maintain an incentive for a hacked organization to pay, says Brett Callow, a threat analyst with the security firm Emsisoft.

DoppelPaymer has been active since the middle of last year, but Callow says it only started publishing stolen data in the past few days.

The tactic follows other ransomware groups, including Maze, Sodinokibi - aka REvil and Sodin - as well as Nemty and Snatch, which are all now threatening to release data from compromised organizations that don't pay.

News URL

https://www.inforisktoday.com/doppelpaymer-ransomware-slams-supplier-to-boeing-tesla-a-13838