Grief Ransomware

Chris Swagler | August 2nd, 2021

 

Yet again, we’re seeing similarities between a defunct group and a new group.

After the Colonial Pipeline breach, through which most of the general public became aware of the attack, DoppelPaymer began to slow their roll in terms of attacks performed.

Grief Ransomware Rebranded From DoppelPaymer

Security researchers discovered that DoppelPaymer and Grief ransomware use the same encrypted file format and the same means of distribution through the Dridex botnet.

Many threat groups attempt to fly under the radar using different names, but when it comes to a complete analysis, it is easy for our engineers to make the distinction.

Both DoppelPaymer and Grief ransomware also used the General Data Protection Regulation (GDPR) from the European Union as a warning that non-paying victims may still face legal penalties due to the breach.

Another telling similarity is Grief ransomware operators switching to the Monero cryptocurrency, which allows them to avoid sanctions from law enforcement.

Ransomware operators may seem creative and sophisticated to the average person, but our certified engineers have a deeper understanding of their processes. If you’re a leader in your organization, talk through your security structure with your team. In today’s threat landscape, there are many different avenues of attack for threat actors on organizations of any size. SpearTip’s Security Operations Center as a Service can benefit organizations of any size, structure, or industry. There is nothing worse than explaining to your clients and customers that their data was accessed because your team didn’t take the right steps to prevent it.

Our Security Operations Center operates 24/7/365 as our highly technical engineers continuously monitor partner networks for malicious threats. Their intelligence, combined with the efficiency of our endpoint detection and response tool, ShadowSpear, is a tandem built to protect networks globally.

If your company is experiencing a breach, call our Security Operations Center at 833.997.7327 to speak directly with an engineer.
