An unlucky victim has allegedly released a whopping BTC 22 – worth over USD 263,000 – to DoppelPaymer ransomware scammers, per data published by tracking website ScamAlert.
This year, antivirus software developer Avast warned that there had been a recent revival in scammers making use of the notorious ransomware.
Like other comparable malware, DoppelPaymer locks the victim’s hard drives, encrypts them, and demands that ransoms be paid in crypto.
Avast stated that DoppelPaymer users rely on virus-themed email subject lines to “attract victims.”
The firm added,
“This one is significant in the number of different distribution methods that have been used in the three years since its progenitor, BitPaymer, was first discovered. What makes DoppelPaymer nastier than your average ransomware [is the fact that] its authors post its success stories online, which has a double intent of shaming the victims and making it easier for the press to validate the breach.”
The hackers are also improving ransomware by investing in an affiliate model, paying a range of specialists to distribute DoppelPaymer – and using a range of phishing traps to dupe unsuspecting victims.
The ransomware has been used to destructive effect in the past. Avast says it was used in an attack on the IT network of the city of Torrance, California, last March, in which municipal backups were erased and encrypted, with more than 200 GB of data stolen.
Some Reddit users said they were puzzled as to why the victim would choose to pay such a steep ransom instead of simply reformatting their hard drive.
One Redditor wrote,
“When it comes to forking over a quarter of a million USD or reformatting my computer, I am pretty sure I’d be inclined to choose the latter. I can’t think of what any files valuable enough to be willing to make that exchange, could even be.”