Moldovan authorities have arrested a suspect connected to DoppelPaymer ransomware attacks that caused significant damage to Dutch organizations in 2021. The suspect's detention was part of an international law enforcement collaboration, with legal procedures underway for extradition to the Netherlands.
Affected: Dutch organizations, NWO (Dutch Research Council)
Keypoints
- A 45-year-old suspect linked to a DoppelPaymer ransomware attack in 2021 was detained by Moldovan authorities.
- Law enforcement searched the suspect's home and vehicle, confiscating multiple electronic devices and funds.
- The suspect is currently in custody, and the process of extradition to the Netherlands has been initiated.
- The attack targeted the Dutch Research Council (NWO), leading to €4.5 million in damages and system shutdowns.
- DoppelPaymer emerged in June 2019, evolving from Evil Corp's BitPaymer with similar tactics and code.
- The ransomware operators use data exfiltration and threats to wipe decryption keys as leverage for ransom payments.
- Law enforcement has targeted and issued warrants for several core members of the DoppelPaymer group, which has attacked numerous high-profile organizations globally.