DoppelPaymer Gang Suspected to be Targeting Retail Organizations | Cyware Alerts


The DoppelPaymer ransomware, which shares most of its code with the BitPaymer ransomware, is now suspected of targeting the retail sector. Most recently, it is suspected of targeting Avon, one of the largest global brands producing and distributing cosmetics.

The extent of the incident

Avon, owned by the Brazilian giant Natura & Co, recently suffered a ransomware attack, possibly conducted by the DoppelPaymer Gang.

  • On June 8, Natura & Co confirmed that its subsidiary Avon had suffered a mysterious cyber-security incident in its Information Technology environment. Avon distributors also reported issues with accessing the company’s backend in the UK, Argentina, Brazil, Poland, and Romania.
  • It is suspected that the intrusion was caused by a ransomware attack carried out by the DoppelPaymer gang.
  • Though the DoppelPaymer gang hasn’t listed Avon’s name on its ‘leak site’ yet, the Polish security company Niebezpiecznik claimed that it received information about the attack being carried out by the DoppelPaymer gang.

Recent DoppelPaymer incidents

The DoppelPaymer group follows the new tactic of exfiltrating data from an infected network before encrypting the user files, then threatening to dump the data unless the victim pays the ransom.

  • In June 2020, the operators of the DoppelPaymer ransomware infected the network of Digital Management Inc. (DMI), one of NASA’s IT contractors.
  • In April 2020, the DoppelPaymer ransomware targeted the City of Torrance of Los Angeles and leaked approximately 200+ GB of the stolen files.
  • In the same month, the DoppelPaymer crew leaked details of Boeing, Lockheed Martin, SpaceX, and Tesla after the contractor Visser Precision refused to pay the ransom.

Stay safe

To prevent threats like DoppelPaymer, Microsoft suggests that organizations implement network segmentation, use strong credentials, and grant users only the least privileges when providing remote access.


