Not yet established

Incidents Associated with this Threat Actor

Incident Date Victim Description
2019-05-18 Production lines stopped

Production lines had stopped at some of its 170 plants. Cost estimated at $71MM.

2019-07-09 Deep draft vessel bound for the Port of New York

Deep draft vessel bound for the Port of New York

2018-07-24 China Ocean Shipping Company Terminal Maritime Incident
2018-09-20 Port of Barcelona Maritime Incident
2018-09-25 Port of San Diego Maritime Event
2020-05-15 BlueScope Event

Worldwide shutdown of operations

2020-05-05 Toll Group Incident
2020-03-05 EVRAZ Infection

The infection paralyzed the North American branches of the company, primarily affecting steel production plants across Canada and the US.

Malware Associated with This Threat Actor

Name Type Associated Threat Actor(s) Description
DoppelPaymer Ransomware Unknown

DoppelPaymer is an emerging type of ransomware that not only locks companies out of their own computer systems by encrypting files—the hallmark of typical ransomware—but also can exfiltrate company data and use it as collateral.

Unknown Unknown, Israel, STIBNITE


There are no associated references.