DoppelPaymer ransomware gang attacks Kia motors America, demanding $20 million for decryption and not to leak stolen data.
DoppelPaymer ransomware gang attacks Kia motors America, demanding $20 million for a decryptor and not to leak stolen data.
Kia Motors America suffered a nationwide IT outage affecting their mobile UVO Link apps, payment systems, phone services, owner’s portal and internal sites used by dealerships.
When opening the site users are greeted with a message stating that Kia is “experiencing an IT service outage that has impacted some internal networks.”
A Kia owner tweeted that a dealership told them that the servers were down due to ransomware attack when they tried to pick up their new car.
According to BleepingComputer, the attackers in a ransom state that they attacked Hyundai Motor America, Kia’s parent company. The ransom contains a link to a private victim page on the DoppelPaymer Tor payment site.
The Tor victim site announces that a “huge amount” of data was stolen or exfiltrated from Kia Motors America. If the company does not negotiate with the threat actors, it will be released in 2-3 weeks.
“To prevent the leak of the data and receive a decryptor, DoppelPaymer is demanding 404 bitcoins worth approximately $20 million. If a ransom is not paid within a specific time frame, the amount increases to 600 bitcoins, or $30 million, ” reported BleepingComputer.
The threat actors have not indicated what kind of data was stolen. DoppelPaymer is known for stealing unencrypted files and then publishing parts of the stolen data on their data leak site to further pressure victims into paying.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?