German and Ukrainian law enforcement agencies said Monday they conducted simultaneous raids, seizing evidence and detaining several suspects connected with the DoppelPaymer ransomware gang.
The raid, supported by Europol, Dutch police, and the U.S. FBI, was carried out Feb. 28 and targeted “suspected core members of the criminal group responsible for carrying out large-scale cyberattacks with the DoppelPaymer ransomware,” according to a notice from Europol.
Image Credit: Europol
German police said they are aware of 37 different companies that have fallen victim to DoppelPaymer ransomware, including the UK’s National Health Service and University Hospital Düsseldorf, where computers were infected with DoppelPaymer in 2020. A woman who needed urgent treatment died after she was taken to another city for treatment. In the U.S. victims allegedly paid the group at least €40 million ($42.6 million) between May 2019 and March 2021.
Europol authorities say they sent three experts to Germany to cross-check information from the raids against Europol databases, provide operational analysis, tracing of cryptocurrency funds and forensic support.
“The analysis of this data and other related cases is expected to trigger further investigative activities,” the agency said in the release. “Europol also set up a Virtual Command Post to connect the investigators and experts from Europol, Germany, Ukraine, the Netherlands and the United States in real time and to coordinate activities during the house searches.”
DoppelPaymer ransomware appeared in 2019 when cybercriminals started using it to launch attacks on critical infrastructure and industries. Based on the BitPaymer ransomware and part of the