A 45-year-old foreign national was arrested in Moldova, suspected of numerous cybercrimes against companies in the Netherlands.
Moldovan law enforcement authorities arrested the man on May 6th, in cooperation with colleagues from the Netherlands. The suspect was allegedly involved in the ransomware attack on the Netherlands Institute for Scientific Research (NWO), causing damage worth €4.5 million ($5 million).
The attack took place in February 2021, with the DoppelPaymer ransomware gang taking credit for the attack. To coax NWO into paying the ransom, attackers leaked the organization's data online.
According to Moldovan authorities, officers searched the suspects’ house and seized nearly €85,000 ($94,000), an electronic wallet, two laptops, a mobile phone, a tablet, several bank cards, portable data storage devices, and memory cards.
The walls have been closing in on DoppelPaymer for a while now. In 2023, German and Ukrainian authorities raided the homes of individuals suspected of being core members of the ransomware gang.
DoppelPaymer was first discovered in 2019. Its activities peaked during the first year of the COVID-19 pandemic and prompted the FBI to issue a warning about the ransomware syndicate.
Researchers at TrendMicro claim that DoppelPaymer demanded victims pay hefty sums, ranging from $25,000 to $1.2 million, for file decryption software. Threat actors threatened to leak the data if victims didn’t pay the ransom.
According to Europol, German authorities are aware of 37 DoppelPaymer victims. It is estimated that US victims have paid DoppelPaymer over $40 million in total.
DoppelPaymer rebranded as Grief ransomware in 2021. Ransomware gangs frequently change names to avoid drawing attention from law enforcement.
Your email address will not be published. Required fields are markedmarked