DoppelPaymer ransomware is fathered from BitPaymer ransomware. It encrypts user data using a combination of AES-256 and RSA-2048 algorithms and then requires a ransom of in Bitcoins o return the files. It added .locked
extension to the encrypted files. Recent vitims of DoppelPaymer is The City of Torrance of the Los Angeles metropolitan area, California. The attackers are demanding 100 BTC roughly $685688 in order to not publicize files and return back the 200 GB of encrypted files. Previously DoppelPaymer attacked the Mexico's Pemex Oil in November 2019 where they demanded a $4.9 million in ransom.
DoppelPaymer Ransomware Signatures
DoppelPaymer Ransomware Download