Security News > 2020 > September > Doppelpaymer ransomware crew fingered over attack on German hospital that allegedly caused death of a patient
The Doppelpaymer ransomware gang were behind the cyber-attack on a German hospital that led to one patient's death, according to local sources.
The Aachener Zeitung newspaper carried a report from the German Press Association that Doppelpaymer's eponymous ransomware had been introduced to the University Hospital Düsseldorf's network through a vulnerable Citrix product.
That ransomware infection, activated last week, is said by local prosecutors to have led to the death of one patient who the hospital was unable to treat on arrival.
They were said to have provided the decryption key for the ransomware upon learning that they had hit a hospital - too late to save the unfortunate patient.
He added: "A few ransomware groups claim to avoid - or, at least, attempt to avoid - hitting hospitals and say they will provide a decryptor at no cost should their aim ever be off. Unfortunately even with that decryptor, recovering systems is not a speedy process and a hospital may not be able to fully return to normal operations for quite some time - and that's the time during which people could die."
News URL
https://go.theregister.com/feed/www.theregister.com/2020/09/23/doppelpaymer_german_hospital_malware/
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)