According to this link, https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/, malware researchers have discovered a new file-encrypting malware they dubbed DoppelPaymer that has been making victims since at least mid-June, asking hundreds of thousands of US dollars in ransom.
- There are three confirmed victims of this ransomware strain, which priced its decryption keys between 2 BTC and 100 BTC
- It is believed that the new ransomware strain may be the work of a BitPaymer group member that started their own ransomware business
- The new ransomware includes modifications that make it superior to BitPaymer, such as threaded encryption process for a quicker operation
Expert Comments:
Javvad Malik, Security Awareness Advocate at KnowBe4:
“Ransomware remains big business and we’re seeing ransomware operators push the limits by demanding higher and higher ransoms. As long as it remains good business, criminals will continue to innovate their approaches, meaning better-written code that can execute faster. However, the initial infection vector will largely remain the same in being a phishing email of some sort. Which is why it is imperative that organisations train their users to be able to identify and report any suspected phishing emails or risk being left with a large bill to either pay ransom or rebuild systems.”
