DopplePaymer ransomware after congratulating SpaceX and NASA for the successful space launch they immediately announced that they have infected one of the IT contractor’s NASA.
In a blog post, the DopplePaymer ransomware gang said that they have successfully breached into the network of Digital Management Inc.
Digital Management Inc is a Maryland based company providing business intelligence and cybersecurity services. The company was listed in Fortune 100 companies and many government companies.
However, it is not clear how deep their network infrastructure has been infected due to the DopplePaymer ransomware.
To prove their claims DopplePaymer ransomware operators posted 20 archives on the dark web. It is clear that they have got NASA-related files in their hands.
The screenshots include everything like HR documents to project plans and also the details of the employees in the public records were matched with LinkedIn records.
The DopllePaymer ransomware gang also posted a list of 2,583 infected servers and workstations that they say are the part of DMI internal network which are now encrypted.
The ransomware gang also posted a sample of files and asking for ransom amount and they will reveal all the files if the ransom amount was not paid as revenge.
There were also some changes in the tactics in past years after the operators of REvil ransomware have started selling the stolen victims’ files instead of giving them for free.