
On February 28, 2023, law enforcement authorities from Germany and Ukraine, together with the Dutch National Police and the U.S. Federal Bureau of Investigation, targeted suspected core members of a cybercrime group behind large-scale attacks using DoppelPaymer ransomware.
The operation entailed a raid on a German national's house as well as searches in the Ukrainian cities of Kiev and Kharkiv. A Ukrainian national was also interrogated. Both individuals are believed to have held crucial positions in the DoppelPaymer group. Forensic analysis of the seized equipment is ongoing to determine the exact role of the suspects and their links to other accomplices, according to Europol.
However, there are a number of differences between DoppelPaymer and BitPaymer, which may signify that one or more members of Indrik Spider have split from the group and forked the source code of both Dridex and BitPaymer to start their own Big Game Hunting ransomware operation, according to cybersecurity firm CrowdStrike.