The Indrik Spider hacker group, which developed the DoppelPaymer ransomware, sent part of the funds to the cryptocurrency exchange Binance, according to analytics company Whitestream.
#DoppelPaymer, a brutal ransomware originated from the Indrik Spider Russian hacking group, attacked #Foxconn and asked for $35M in ransom payments.
We managed to track some of the group latest cash outs at @binance
Address — 17rJmFiKyYbNZmt9xiz8yTScX1QvWpt7pz
— whitestream — Blockchain Intelligence (@whitestream5) December 13, 2020
The address from which the ransomers’ funds were sent has been identified.
According to the Telegram channel Goldfoundinshit TM, 100 BTC were sent to Binance directly. Another 162 BTC were moved to the exchange in parts: 90 BTC by direct transfer, 72 BTC via an intermediate address.
As reported, DoppelPaymer joined the top five most dangerous ransomware programs alongside Netwalker, REvil, Maze, and RansomEXX.
In early November, DoppelPaymer attacked the Taiwanese laptop manufacturer Compal Electronics. The attackers demanded 1100 BTC.
In the same month, the information systems of Delaware County in the US state of Pennsylvania came under attack. Authorities paid the ransom of $500,000 in bitcoin.
In December, one of the factories of Foxconn, the Taiwanese electronics manufacturer, was hit. The hackers demanded 1804 BTC.
