#Privacy: Ransomware operators to stop targeting health organisations

Several ransomware operators will no longer target health and medical organisations during the global health crisis, COVID-19

In a latest report by BleepingComputer, the publication reached out to the operators of Maze, Ryuk, Sodinokibi, DoppelPaymer, PwndLocker and Ako, to ask whether they would continue targeting medical and healthcare organisations during the global pandemic. 

DoppelPaymer was the first to respond, explaining that they do not usually target hospitals or nursing homes. 

“We always try to avoid hospitals, nursing homes, if it’s some local gov – we always do not touch 911 (only occasionally is possible or due to missconfig [sic] in their network) . Not only now. If we  do it by mistake – we’ll decrypt for free,” said the DoppelPaymer operators. 

They added that with “pharma”, they had no wish to support them explaining “while doctors do something, those guys earn.”

Maze operators responded with a press release, in which they stated that it would stop all activity against all kinds of medical organisations until “the stabilization of the situation with virus.”

With the growing fears surrounding the coronavirus, cyber criminals are capitalising and launching numerous cyber attacks and phishing campaigns. 

Research by Check Point found that malicious online actors are using the pandemic to boost their own hacking campaigns. The research revealed that threat actors were infecting coronavirus-related domain names and selling cut-price off-the-peg malware on the dark web. 


Catch the replays and discover the best talks from Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.