Ransomware operators launched a cyber attack in L.A.

May 12, 2020
doppelpaymer ransomware group los angeles cyber attack data leak compromised data antimalware dark web cyber threat

A bold claim from the renowned DoppelPaymer Ransomware Group has been announced, with the hackers saying that they’ve just launched a targeted cyber attack in a U.S. city near the South Bay area of Los Angeles.

The targeted city, Torrance, in the Los Angeles metropolitan area, has been consistent in its standing as one of the safest cities in Los Angeles county – thanks to its low incidence of crimes. Well, not this time around. A cybercrime has taken place in this beautiful city of 150,000 residents, threatening to lay waste to their city and alter their quiet way of life.

Precisely on the 1st of March, the city received a report that its email accounts and network servers are under attack by a yet unidentified digital assailant. Which immediately compromised their overall business services and operations. Alarmed by the sudden intrusion, the local government’s cybersecurity experts were immediately summoned to investigate and mitigate the cyber attack. The city was also quick to release statements that they are cooperating with law enforcement agencies to address the incident and stated that there were no impacts on public personal data.

The attack was immediately claimed by a hacking team called DoppelPaymer Ransomware Group. They have announced through a news outlet saying that they are holding the city’s servers and network machines, including 200 GB worth of confidential files, ransom. A total of 150 network servers and more than 500 terminals were encrypted and taken over. The hackers are demanding an exchange in the payment of 100 Bitcoins or roughly US$700,000.

To make matters worse, the hackers have started to leak some of the data they’ve acquired and demanding even more instances of it if their demands are not met. According to cybersecurity experts, this kind of tactic is dubbed as “multi-extortion”. Hackers will threaten to wreak further havoc by leaking more of the data they have just illegally acquired to get the authorities or the victim to pay up and demand even more money. This has been well documented and purposely done by other hackers and malware-users in the past.

As for this ransomware group, they even have an online repository dedicated to those companies and institutions that have been uncooperative and refused payment. The website is called “Dopple Leaks,”- a website that contains samples of the stolen data from each victim and other sensitive info that were compromised during the group’s cyber attack on them. And as expected, the city of Torrance now has its own folder on that website – “City of Torrance, California,” which contains the leaked data – the city budget reports, accounting reports, city manager’s documents, and other financial archives.

According to cybersecurity researchers, regardless if the city pays the ransom or not, there’s no way to guarantee that the hackers will not post or sell the stolen data on the Dark Web. These hackers have changed the digital game. And to make things worse, these hackers are making these attacks during a global crisis with no regard to their economic and human impacts.

About the author

Leave a Reply