← Back to Ransomware Tracker

Doppelpaymer

Inactive
Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore original files. It is recognizable by its trademark file extension added to encrypted files: .doppeled. It also creates a note file named: ".how2decrypt.txt".
25 Victims
May 25, 2019 First Discovered
Apr 10, 2021 Last Discovered
1804 Days Inactive
66.7% Infostealer
0/1 Sites Online
Top Countries
US 15
FR 4
MX 1
CA 1
CL 1
Top Sectors
Government Facilities 10
Critical Manufacturing 8
Communication 2
Education Facilities 1
Transportation Systems 1
Information Technology 1
Education 1
Food and Agriculture 1
Known Locations (1)
Start-maximized.com
hpoo4dosa3x4ognfxpqcrjwnsigvslm7kv6hvmhh2yqczaxy3j6qnwad.onion
Intelligence
📄 4 Ransom Notes
View the actual ransom notes used by this group
Victims (25)
Office of the Attorney General
US Government Facilities Discovered: Apr 10, 2021 · Attack est.: Apr 10, 2021
Azusa police department
US Government Facilities Discovered: Mar 1, 2021 · Attack est.: Mar 1, 2021
Manutan
FR Critical Manufacturing Discovered: Feb 21, 2021 · Attack est.: Feb 21, 2021
Kia Motors America (KMA)
US Critical Manufacturing Discovered: Feb 16, 2021 · Attack est.: Feb 16, 2021
Cuyahoga Metropolitan Housing Authority
US Government Facilities Discovered: Feb 8, 2021 · Attack est.: Feb 8, 2021
Foxconn
MX Critical Manufacturing Discovered: Nov 29, 2020 · Attack est.: Nov 29, 2020
Delaware County
US Government Facilities Discovered: Nov 28, 2020 · Attack est.: Nov 28, 2020
Compal
Critical Manufacturing Discovered: Nov 8, 2020 · Attack est.: Nov 8, 2020
Banijay Group SAS
FR Communication Discovered: Nov 1, 2020 · Attack est.: Nov 1, 2020
Chatham County Government
US Government Facilities Discovered: Oct 28, 2020 · Attack est.: Oct 28, 2020
Hall County
US Government Facilities Discovered: Oct 7, 2020 · Attack est.: Oct 7, 2020
Newcastle University
Education Facilities Discovered: Aug 30, 2020 · Attack est.: Aug 30, 2020
4 Canadian courier divisions of TFI International's Canpar Express
CA Transportation Systems Discovered: Aug 19, 2020 · Attack est.: Aug 19, 2020
Boyce Technologies (device manufacturer- transit communication systems and now ventilators b/c of COVID-19)
US Critical Manufacturing Discovered: Aug 1, 2020 · Attack est.: Aug 1, 2020
Knoxville PD and City of Knoxville, TN (Knox County)
US Government Facilities Discovered: Jun 11, 2020 · Attack est.: Jun 11, 2020
City of Florence, Alabama
US Government Facilities Discovered: Jun 5, 2020 · Attack est.: Jun 5, 2020
Digital Management Inc. (NASA Contractor)
US Information Technology Discovered: Jun 3, 2020 · Attack est.: Jun 3, 2020
Mitsubishi
Critical Manufacturing Discovered: Jun 1, 2020 · Attack est.: Jun 1, 2020
Afpa
FR Education Discovered: Apr 17, 2020 · Attack est.: Apr 17, 2020
Kimchuk
US Critical Manufacturing Discovered: Mar 5, 2020 · Attack est.: Mar 5, 2020
City of Torrance (Los Angeles County)
US Government Facilities Discovered: Mar 1, 2020 · Attack est.: Mar 1, 2020
Visser Precision
US Critical Manufacturing Discovered: Feb 1, 2020 · Attack est.: Feb 1, 2020
Bretagne Telecom
FR Communication Discovered: Jan 1, 2020 · Attack est.: Jan 1, 2020
Chilean Ministry of Agriculture
CL Food and Agriculture Discovered: Jun 1, 2019 · Attack est.: Jun 1, 2019
City of Edcouch
US Government Facilities Discovered: May 25, 2019 · Attack est.: May 25, 2019
Source: Ransomware.live | Data cached and served by Digital Checkmark IT Services | Ransomware Tracker