Ransomware Group intelligence

Doppelpaymer

Inactive

Track Doppelpaymer with 25 published victims and 1 known leak locations in a single intelligence view.

Victims 25 Known published victims in this dataset

First discovered 2019-05-25 Earliest victim discovery date

Last discovered 2021-04-10 Latest victim discovery date

Inactive since 1841 days Days since the latest known victim

Top country United States 15 victims

Known locations 1 Leak or negotiation infrastructure tracked

Doppelpaymer is tracked by Breach House as a ransomware group with 25 published victims.

United States is currently the most targeted country in this dataset.

1 known leak locations are currently associated with this group.

Top Countries

Distribution

Label	Type	Availability	Links
Leak location 1	Onion service	Unknown	`hpoo4dosa3x4ognfxpqcrjwnsigvslm7kv6hvmhh2yqczaxy3j6qnwad.onion`

No sector intelligence available.

Ransom Notes (0)

▼

No ransom notes available for this group.

Tools Used

▼

No tools used available.

YARA Rules (0)

▼

No YARA rules available.

Indicators of Compromise (0)

▼

No IoCs available for this group.

Negotiation Chats (0)

▼

No negotiation chats available.

No external research sources linked yet.

Victims (25)

Search, filter and paginate the victim timeline for Doppelpaymer.

Type	Target	Discovered	Country	Business Category	Intel Link
Ransomware	Office of the Attorney General id603 View details	2021-04-10	United States	Finance / Legal / Insurance	—
No additional victim description available. ID 603
Ransomware	Azusa police department id589 View details	2021-03-01	United States	Public Sector	—
No additional victim description available. ID 589
Ransomware	Manutan id585 View details	2021-02-21	France	Other	—
No additional victim description available. ID 585
Ransomware	Kia Motors America (KMA) id583 View details	2021-02-16	United States	Other	—
No additional victim description available. ID 583
Ransomware	Cuyahoga Metropolitan Housing Authority id579 View details	2021-02-08	United States	Construction / Real Estate	—
No additional victim description available. ID 579
Ransomware	Foxconn id530 View details	2020-11-29	Mexico	Other	—
No additional victim description available. ID 530
Ransomware	Delaware County id529 View details	2020-11-28	United States	Finance / Legal / Insurance	—
No additional victim description available. ID 529
Ransomware	Compal id519 View details	2020-11-08		Other	—
No additional victim description available. ID 519
Ransomware	Banijay Group SAS id515 View details	2020-11-01	France	Services	—
No additional victim description available. ID 515
Ransomware	Chatham County Government id512 View details	2020-10-28	United States	Public Sector	—
No additional victim description available. ID 512
Ransomware	Hall County id493 View details	2020-10-07	United States	Public Sector	—
No additional victim description available. ID 493
Ransomware	Newcastle University id466 View details	2020-08-30		Education	—
No additional victim description available. ID 466
Ransomware	4 Canadian courier divisions of TFI International's Canpar Express id462 View details	2020-08-19	Canada	Communication / Marketing	—
No additional victim description available. ID 462
Ransomware	Boyce Technologies (device manufacturer- transit communication systems and now ventilators b/c of COVID-19) id451 View details	2020-08-01	United States	IT	—
No additional victim description available. ID 451
Ransomware	Knoxville PD and City of Knoxville, TN (Knox County) id417 View details	2020-06-11	United States	Public Sector	—
No additional victim description available. ID 417
Ransomware	City of Florence, Alabama id400 View details	2020-06-05	United States	Public Sector	—
No additional victim description available. ID 400
Ransomware	Digital Management Inc. (NASA Contractor) id398 View details	2020-06-03	United States	IT	—
No additional victim description available. ID 398
Ransomware	Mitsubishi id384 View details	2020-06-01		Other	—
No additional victim description available. ID 384
Ransomware	Afpa id21582 View details	2020-04-17	France	Other	—
No additional victim description available. ID 21582
Ransomware	Kimchuk id336 View details	2020-03-05	United States	Other	—
No additional victim description available. ID 336
Ransomware	City of Torrance (Los Angeles County) id333 View details	2020-03-01	United States	Public Sector	—
No additional victim description available. ID 333
Ransomware	Visser Precision id324 View details	2020-02-01	United States	Communication / Marketing	—
No additional victim description available. ID 324
Ransomware	Bretagne Telecom id313 View details	2020-01-01	France	Telecommunications	—
No additional victim description available. ID 313
Ransomware	Chilean Ministry of Agriculture id276 View details	2019-06-01	Chile	Agriculture / Food	—
No additional victim description available. ID 276
Ransomware	City of Edcouch id275 View details	2019-05-25	United States	Public Sector	—
No additional victim description available. ID 275

Doppelpaymer

Overview

Top Countries

Known Leak Locations (1)

Top Activity Sectors