Recent Raids Target DoppelPaymer Ransomware Operators
In late February, an international law enforcement operation was carried out in Germany and Ukraine to target the DoppelPaymer ransomware. Europol, the FBI, and Dutch law enforcement were all involved in the raid, which identified eleven suspects and detained some of them. However, three key members of the cybercrime group, all believed to be located in Russia, remain at large.
The wanted individuals are Igor Olegovich Turashev, Irina Zemlianikina, and Igor Garshin. Turashev has been on the FBI’s Cyber Most Wanted list for several years, and he was charged by the United States in 2019. Garshin is believed to be responsible for the attacks on German organizations, while Zemlianikina is believed to have worked as an admin of the IT infrastructure used in the attacks.
The DoppelPaymer ransomware emerged in mid-2019 and has been used to target hundreds of organizations worldwide, including critical infrastructure. In one instance, hackers targeted a German hospital, which resulted in the death of a patient. This law enforcement action is the latest in a string of operations targeting ransomware, including the Hive ransomware, which was shut down by the FBI in the summer of 2022.
The impact of the operation remains to be seen, as DoppelPaymer is run as a ransomware-as-a-service operation. However, the action taken by authorities could help to prevent future ransomware attacks and protect organizations and individuals from the threat.
- An international law enforcement operation was carried out in Germany and Ukraine in late February to target the DoppelPaymer ransomware.
- Eleven suspects were identified and some were detained, but three key members of the cybercrime group remain at large.
- DoppelPaymer emerged in mid-2019 and has been used to target hundreds of organizations around the world, including critical infrastructure.
- The FBI managed to shut down the Hive ransomware in the summer of 2022.
- This law enforcement action could help to prevent future ransomware attacks and protect organizations and individuals from the threat.