DopplePaymer Ransomware Breached a Large Bank, Banka Ekonomike

DopplePaymer ransomware operators are known for targeting large corporates. On this instance, they breached Banka Ekonomike.

About Banka Ekonomike — Based in Prishtinë, Kosovo, operating as the only 100 percent local bank. Banka Ekonomike has operated a total of 30 branches, which are divided into 7 main regions within which 23 sub-branches operate. According to the statistics from the total bank end-of-year 2018 report, out of 201 branches / sub-branches present in the banking market in Kosovo, Banka Ekonomike ranked 3rd or about 15 percent participation in the total number. In 2018, the bank has moved branches in Klina, Hajvali and Drenas to more modern facilities and has remodeled the branch of Prizren.

The DopplePaymer has released the data of the bank which includes over 70GB of files with financial transactions. Sample screenshot is below:

About Cyble:

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.


Scroll to Top