Mfuneko Toyana reports:
Hackers attacked a South Africa’s justice department fund last week, the department said on Sept 30, but said it did not receive any ransom demands.
They targeted a fund containing a pool of money held by the courts in trust on behalf of minors, unborn heirs and missing or absent persons, it said.
Read more on The Star about what may be a DoppelPaymer attack.
On September 27, the DoppelPaymer threat actors added the South African Judiciary to their leak site where they name victims who have not paid ransom demands.
As proof, the threat actors uploaded two files, but those files are not really anything confidential or sensitive and could have been obtained by other means.
So did DoppelPaymer attack this particular fund? Maybe, but the judiciary claims it has not received any ransom demands, so for now, there seems to be a confirmed incident, with a DOJ spokesperson telling The Star:
“The department confirms what appears to be an incident wherein unauthorised transactions may have been attempted on the Guardians fund at the Masters office Pietermartizburg,”
In time, we will likely know whether it was DoppelPaymer or not.