German police say they have shut down a russian-linked cybercriminal group that has been blackmailing large companies and institutions for years, making millions of euros.
Working with law enforcement partners including Europol, the FBI, and Ukrainian authorities, Düsseldorf police said they were able to identify 11 people linked to the group, which operated under various names for at least since 2010.
The gang believed to be behind the ransomware known as DoppelPaymer appears to be linked to Evil Corp, a russian syndicate that has been stealing bank funds online long before how ransomware became a global scourge.
Among its most famous victims are the National Health Service of Great Britain and the University Hospital of Düsseldorf, whose computers were infected by DoppelPaymer in 2020. A woman who needed urgent treatment died after she had to be taken to another city for treatment.
Ransomware is the most destructive cybercrime in the world. Gangs, mostly based in russia, hack into networks and steal sensitive information, then activate malware that encrypts the data. Criminals demand payment in exchange for decryption keys and a promise not to post stolen data on the network.
In its 2020 report, the FBI said DoppelPaymer has been used since late 2019 to attack critical industries around the world, including healthcare, emergency services and education, while they usually require a six- and seven-digit ransom.