doppelpaymer

25 tracked victims

·first seen 2019-05-25·last activity 2021-04-10

Group profile

Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore original files. It is recognizable by its trademark file extension added to encrypted files: .doppeled. It also creates a note file named: ".how2decrypt.txt".

Recent victims

Date	Website / victim	Sector	Country
2021-04-10	O Office of the Attorney General	Manufacturing	US
2021-03-01	A Azusa police department	Public Sector	US
2021-02-21	ManutanManutan.fr	Manufacturing	FR
2021-02-16	K Kia Motors America (KMA)	Manufacturing	US
2021-02-08	C Cuyahoga Metropolitan Housing Authority	Public Sector	US
2020-11-29	F Foxconn	Manufacturing	MX
2020-11-28	D Delaware County	Public Sector	US
2020-11-08	C Compal	Manufacturing
2020-11-01	B Banijay Group SAS	Technology	FR
2020-10-28	C Chatham County Government	Public Sector	US
2020-10-07	H Hall County	Public Sector	US
2020-08-30	N Newcastle University	Education
2020-08-19	4 4 Canadian courier divisions of TFI International's Canpar Express	Transportation/Logistics	CA
2020-08-01	B Boyce Technologies (device manufacturer- transit communication systems and now ventilators b/c of COVID-19)	Manufacturing	US
2020-06-11	K Knoxville PD and City of Knoxville, TN (Knox County)	Public Sector	US
2020-06-05	C City of Florence, Alabama	Public Sector	US
2020-06-03	D Digital Management Inc. (NASA Contractor)	Technology	US
2020-06-01	M Mitsubishi	Manufacturing
2020-04-17	Afpaafpa.fr	Education	FR
2020-03-05	K Kimchuk	Manufacturing	US
2020-03-01	C City of Torrance (Los Angeles County)	Public Sector	US
2020-02-01	V Visser Precision	Manufacturing	US
2020-01-01	Bretagne Telecombretagnetelecom.fr	Telecommunication	FR
2019-06-01	C Chilean Ministry of Agriculture	Agriculture and Food Production	CL
2019-05-25	C City of Edcouch	Public Sector	US