Kia Motors America suffers ransomware attack, $20 million ransom

Dex4Sure

Level 3
Thread author
Verified
Well-known
May 14, 2019
116
Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data.
In a ransom note seen by BleepingComputer, the attackers state that they attacked Hyundai Motor America, Kia's parent company. Hyundai does not appear to be affected by this attack.

The ransom note contains a link to a private victim page on the DoppelPaymer Tor payment site that once again states the target is 'Hyundai Motor America.'

The Tor victim page says that a "huge amount" of data was stolen, or exfiltrated, from Kia Motors America and that it will be released in 2-3 weeks if the company does not negotiate with the threat actors.

DoppelPaymer is known for stealing unencrypted files before encrypting devices and then posting portions on their data leak site to further pressure victims into paying.

To prevent the leak of the data and receive a decryptor, DoppelPaymer is demanding 404 bitcoins worth approximately $20 million. If a ransom is not paid within a specific time frame, the amount increases to 600 bitcoins, or $30 million.
 

Dhruv2193

Level 10
Verified
Well-known
Nov 7, 2016
468
I think larger the company is, more the chances are of such attacks. Some user among the 1000's of employees will fall prey to ransomware either through mistake, lack of security knowledge, negligence of IT Dept. etc. I think it is becoming more and more important to use Managed Services providers though this may have other drawbacks.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top