Hackers Demand Up to 600 Bitcoins ($32 Million) in Kia Motors Ransomware Attack
- Kia Motors America suffered a ransomware attack on Thursday.
- Hackers demand a $22 million payout to decrypt the data.
- Ransom could shoot up to $32.7 million in the coming week if not paid on time.
Kia Motors America is the latest company to face a ransomware attack from the notorious DoppelPaymer gang of hackers. The hackers are demanding the payment in Bitcoin (BTC), 404 Bitcoins (~$22 million, as of writing), to decrypt the data and not leak the data to the public. The ransom is set to increase by 50% to 600 Bitcoins if not paid by 28th February 2021.
A ransomware attack is a malware attack in which a hacker encrypts files and data of the victim and asks for a ‘ransom’ to decrypt the data. According to a report by BleepingComputer, the attack on Kia Motors America witnessed “a nationwide IT outage” affecting the company’s mobile UVO Link apps, phone services, payment systems, owner's portal, and internal sites used by over 800 dealerships in the U.S.
In a note first revealed by BleepingComputer, the DoppelPaymer gang alleges they orchestrated the attack on Hyundai Motors America, Kia’s parent company. No hack attempts have been reported on Hyundai Motors. The Tor ‘victim page’ reads that the hackers made away with large volumes of data threatening to release them to the public if no negotiation or payment is held in the next 2 weeks.
To prevent any leak of the data and get the data decrypted, Kia Motors should pay 404 BTC through a Tor website link, with instructions on how to do so. If not paid in the next nine or so days, the ransom is stated to grow by 50% to 600 BTC (~$31.7 million, at current prices).
Several services remain affected on the Kia Motors America website, but the hackers have released no information on the type of data stolen.
This is not a first-time hack attempt for the DoppelPaymer gang, who also launched a ransomware attack on Foxconn, one of the largest electronic firms in the world, in December. The hackers asked for 1,804 BTC, or $35 million at the time, to decrypt their files.