{"id":4956,"date":"2020-03-02T14:59:56","date_gmt":"2020-03-02T14:59:56","guid":{"rendered":"https:\/\/www.thecybersecuritytimes.com\/?p=4956"},"modified":"2020-03-10T13:43:12","modified_gmt":"2020-03-10T13:43:12","slug":"dopplepaymer-ransomware-launched-a-website-called-dopple-leaks-to-disclose-the-encrypted-data","status":"publish","type":"post","link":"https:\/\/www.thecybersecuritytimes.com\/dopplepaymer-ransomware-launched-a-website-called-dopple-leaks-to-disclose-the-encrypted-data\/","title":{"rendered":"DopplePaymer Ransomware launched a website called &#8216;Dopple Leaks&#8217;\u00a0to disclose the encrypted data.\u00a0"},"content":{"rendered":"\n<p>Ransomware has been known for causing havoc to enterprises by encrypting data and asking for a ransom, however in recent times, Ransomware creators have taken things seriously by publishing the victim&#8217;s data on a hosted website.\u00a0Maze ransomware first initiated this publishing behavior, when its victims denied to pay the ransom. Now <a rel=\"noreferrer noopener\" aria-label=\"DopplePaymer Ransomware (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-warns-customers-of-doppelpaymer-ransomware-threat\/\" target=\"_blank\">DopplePaymer Ransomware<\/a> creators have published a new website called &#8216;Dopple Leaks&#8217; were it has disclosed the encrypted data of few companies that it had infected.<\/p>\n\n\n\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script>\n<ins class=\"adsbygoogle\"\nstyle=\"display:block\"\ndata-ad-format=\"fluid\"\ndata-ad-layout-key=\"-ge+8+ej-3d-mz\"\ndata-ad-client=\"ca-pub-6793918737846402\"\ndata-ad-slot=\"9513409588\"><\/ins>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script>\n\n\n\n\n<p>With DopplePaymer following up with Maze&#8217;s tactics of exposing victim&#8217;s data, <a href=\"https:\/\/blog.malwarebytes.com\/detections\/ransom-sodinokibi\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Sodinokibi (opens in a new tab)\">Sodinokibi<\/a>, and <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/nemty-ransomware-to-start-leaking-non-paying-victims-data\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Nemty (opens in a new tab)\">Nemty<\/a> have also stated that they would probably follow the same in future.\u00a0<\/p>\n\n\n\n<p>DopplePaymer is an enterprise targeted malware that infiltrates networks, gain access to administrator credentials and eventually spread to the network devices to break the productivity, integrity and confidentiality of the enterprise. Below is the site that creators of DopplePaymer had created, the Dopple leaks.\u00a0<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"960\" height=\"619\" src=\"https:\/\/www.thecybersecuritytimes.com\/wp-content\/uploads\/2020\/03\/pemex.jpg\" alt=\"\" class=\"wp-image-4958\"\/><figcaption>DopplePaymer Ransomware&#8217;s data leak website &#8216;Dopple Leaks&#8217;<\/figcaption><\/figure>\n\n\n\n<p>As per DopplePaymer ransomware creators, four companies that become victim to their attack and had not paid the ransom yet.\u00a0<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Pemex, state-owned oil company in Mexico that became victim to DopplePaymer in Nov 10th, 2019.\u00a0<\/li><li>A logistic company from South Africa became a victim on Jan 20th, 2020.<\/li><li>A French cloud hosting and telecommunications company and<\/li><li>A US based merchant account company.<\/li><\/ul>\n\n\n\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script>\n<ins class=\"adsbygoogle\"\n     style=\"display:block; text-align:center;\"\n     data-ad-layout=\"in-article\"\n     data-ad-format=\"fluid\"\n     data-ad-client=\"ca-pub-6793918737846402\"\n     data-ad-slot=\"5939876528\"><\/ins>\n<script>\n     (adsbygoogle = window.adsbygoogle || []).push({});\n<\/script>\n\n\n\n<h2 class=\"wp-block-heading\">Ransomware can now encrypt, demand ransom and publish data<\/h2>\n\n\n\n<p>Ransomware is no longer just an encrypting malware that demands for ransom, with Maze and DopplePaymer ransomware creators publishing victim&#8217;s data, this is now threatening companies for data breaches and could even result in penalization from data law regulatory organizations. <\/p>\n\n\n\n<p>Enterprises are requested to keep their proactive and reactive security up 24\/7 and if in case they became victim to a cyberattack and could lose employees, vendor, client or personal data of any entity it is always good to disclose the attack, this way they can at least caution the affected entities.\u00a0<\/p>\n\n\n\n<p>Subscribe to\u00a0<strong>\u2018The Cybersecurity Times\u2019<\/strong>, for daily alerts on cyber events. You can also follow us on\u00a0<a href=\"https:\/\/www.facebook.com\/thecybersecurittytimes\/\">Facebook<\/a>,\u00a0<a href=\"https:\/\/www.linkedin.com\/company\/the-cybersecurity-times\/\">Linkedin<\/a>,\u00a0<a href=\"https:\/\/www.instagram.com\/the_cybersecurity_times\/\">Instagram<\/a>,\u00a0<a href=\"https:\/\/twitter.com\/the_cybertimes\">Twitter<\/a>\u00a0and\u00a0<a href=\"https:\/\/www.reddit.com\/r\/Cybersecurity_times\/\">Reddit<\/a>.<br><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DopplePaymer Ransomware creators have published a new website called &#8216;Dopple Leaks&#8217; were it has disclosed the encrypted data of few companies that it had infected.<\/p>\n","protected":false},"author":8,"featured_media":4959,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[72,116,91],"tags":[277,279,276,278,280],"class_list":["post-4956","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking","category-computer-security-2","category-latest-cybersecurity-news","tag-dopplepaymer","tag-dopplepaymer-launches-website","tag-dopplepaymer-ransomware","tag-dopplepaymer-ransomware-dopple-leaks","tag-ransomware"],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/posts\/4956"}],"collection":[{"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/comments?post=4956"}],"version-history":[{"count":2,"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/posts\/4956\/revisions"}],"predecessor-version":[{"id":4961,"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/posts\/4956\/revisions\/4961"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/media\/4959"}],"wp:attachment":[{"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/media?parent=4956"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/categories?post=4956"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thecybersecuritytimes.com\/wp-json\/wp\/v2\/tags?post=4956"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}