Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Doppelpaymer

Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore original files. It is recognizable by its trademark file extension added to encrypted files: .doppeled. It also creates a note file named: ".how2decrypt.txt".
External information

Victims
25
 
First Discovered
2019-05-25
victim
Last Discovered
2021-04-10
victim
Inactive Since
5yrs
more than
Avg Delay
N/A
attack→claim
Infostealer
66.7%
victims with domain
Countries
5
hit
View Victims on World Map View Group Statistics
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Start-maximized.com No 2026-04-28T07:23:39 hpoo4dosa3x4ognfxpqcrjwnsigvslm7kv6hvmhh2yqczaxy3j6qnwad.onion
Target
Top 5 Activity Sectors
  • Manufacturing 9
  • Public Sector 9
  • Technology 2
  • Education 2
  • Transportation/Logistics 1
Top 5 Countries
  • US flag United States 15
  • FR flag France 4
  • MX flag Mexico 1
  • CA flag Canada 1
  • CL flag Chile 1
Heatmap
Ransom Notes (4)
YARA Rules (1)
Indicators of Compromise (IoCs) (4)
Email 4
Type IOC
Email btpsupport@protonmail.com
Email kobieboho@protonmail.com
Email reltypade1977@protonmail.com
Email smutnykobimtochukwu@protonmail.com
Victims (25)
Logo
Office of the Attorney General US
Doppelpaymer
Discovered: 2021-04-10 (5y ago)
No description available
Logo
Azusa police department US
Doppelpaymer
Discovered: 2021-03-01 (5y ago)
No description available
Logo
Manutan FR
Doppelpaymer
Discovered: 2021-02-21 (5y ago)
No description available
Logo
Kia Motors America (KMA) US
Doppelpaymer
Discovered: 2021-02-16 (5y ago)
No description available
Logo
Cuyahoga Metropolitan Housing Authority US
Doppelpaymer
Discovered: 2021-02-08 (5y ago)
No description available
Logo
Foxconn MX
Doppelpaymer
Discovered: 2020-11-29 (5y ago)
No description available
Logo
Delaware County US
Doppelpaymer
Discovered: 2020-11-28 (5y ago)
No description available
Logo
Compal
Doppelpaymer
Discovered: 2020-11-08 (5y ago)
No description available
Logo
Banijay Group SAS FR
Doppelpaymer
Discovered: 2020-11-01 (5y ago)
No description available
Logo
Chatham County Government US
Doppelpaymer
Discovered: 2020-10-28 (5y ago)
No description available
Logo
Hall County US
Doppelpaymer
Discovered: 2020-10-07 (5y ago)
No description available
Logo
Newcastle University
Doppelpaymer
Discovered: 2020-08-30 (5y ago)
No description available
Logo
4 Canadian courier divisions of TFI International's Canpar Express CA
Doppelpaymer
Discovered: 2020-08-19 (5y ago)
No description available
Logo
Boyce Technologies (device manufacturer- transit communication systems and now ventilators b/c of COVID-19) US
Doppelpaymer
Discovered: 2020-08-01 (5y ago)
No description available
Logo
Knoxville PD and City of Knoxville, TN (Knox County) US
Doppelpaymer
Discovered: 2020-06-11 (5y ago)
No description available
Logo
City of Florence, Alabama US
Doppelpaymer
Discovered: 2020-06-05 (5y ago)
No description available
Logo
Digital Management Inc. (NASA Contractor) US
Doppelpaymer
Discovered: 2020-06-03 (5y ago)
No description available
Logo
Mitsubishi
Doppelpaymer
Discovered: 2020-06-01 (5y ago)
No description available
Logo
Afpa FR
Doppelpaymer
Discovered: 2020-04-17 (6y ago)
No description available
Logo
Kimchuk US
Doppelpaymer
Discovered: 2020-03-05 (6y ago)
No description available
Logo
City of Torrance (Los Angeles County) US
Doppelpaymer
Discovered: 2020-03-01 (6y ago)
No description available
Logo
Visser Precision US
Doppelpaymer
Discovered: 2020-02-01 (6y ago)
No description available
Logo
Bretagne Telecom FR
Doppelpaymer
Discovered: 2020-01-01 (6y ago)
No description available
Logo
Chilean Ministry of Agriculture CL
Doppelpaymer
Discovered: 2019-06-01 (6y ago)
No description available
Logo
City of Edcouch US
Doppelpaymer
Discovered: 2019-05-25 (6y ago)
No description available