October 25, 2020

The culprit in the first ransomware murder case was Doppelpaymer

2 min read

Recently, German authorities are investigating the death of a patient in a hospital in Dusseldorf due to a ransomware attack.

Due to a ransomware attack at the Düsseldorf Hospital, a female patient who needed emergency treatment was not admitted. The patient had to be transferred to a hospital in Wuppertal 30 kilometers away and died.

It is reported that the Dusseldorf Hospital suffered a ransomware attack on September 10, and more than 30 internal servers were infected. This incident was the first time in history that a ransomware attack indirectly caused human deaths.

German authorities are currently investigating the cause of death of the patient. The German police said that if it is found that the ransomware attack and the hospital shutdown directly caused the death of the woman, the German police said it would upgrade the nature of the case to murder.PGA ransomware

According to a report by the German news media RTL, the ransomware group that launched the attack withdrew the ransom request after the German police launched an investigation. Since then, Düsseldorf Hospital has received the data decryption key and is restoring its system.

In a tweet earlier today, Düsseldorf Hospital officials blamed ransomware infections on vulnerabilities in widely used commercial software. In subsequent tweets, these officials also stated that they had notified German authorities, including the German cybersecurity agency BSI, which is responsible for issuing security warnings.

A day ago, BSI suddenly issued a warning, asking the German company to update its Citrix network gateway for the CVE-2019-19871 vulnerability (a known entry point for ransomware).

According to a report by the Associated Press, the ransomware attack encountered by the Dusseldorf Hospital seems to be an accident, because the ransom letter was aimed at the local university (Heinrich Heine University in Duesseldorf).

Via: securityaffairs