Kia Motors America branch of Hyundai Group, which may produce Apple electric cars, was attacked by ransomware and was extorted US$20 million. But Kia only stated that the company did indeed have a shutdown, but denied that it was a ransomware incident.
In a report yesterday, BleepingComputer obtained a ransom text message that was rumored to be the DoppelPaymer hacker left after the Kia Auto America ravaged. The recipient of the letter is Hyundai Motor America. The hacker informed that the Kia company data had been encrypted. He asked them to pay according to the link in the letter within 21 days. Only after that, Kia can obtain the file and backup decryption key. The link was connected to DoppelPaymer’s Tor payment website. If they do not actively contact within 3 days, they will publish confidential information of the company.
DoppelPaymer wrote on its Tor payment website that they stole a lot of data from Kia cars in the US branch. According to the blackmail message obtained by BleepingComputer, the hacker requested 404.5412 bitcoins, which is equivalent to approximately US$20 million. If the victim does not pay within the time limit, the ransom will rise to 600 bitcoins. It is approximately $30 million.
So, Is Kia Motors America Hacked?
A Twitter user said two days ago that a car dealer in Arizona, the United States, informed the Kia website that it had been disconnected for three days due to ransomware, affecting all Kia company networks in the United States.
For Kia, only the American branch admitted to Bleeping Computer that the company suffered a long system downtime. And the total car owners portal, UVO mobile app, and consumer affairs portal were affected. It also denied the occurrence of ransomware attacks rumored on the Internet.
In November last year, Hon Hai Mexico and Compal were also rumored to be poisoned by DoppelPaymer. Among them, Hon Hai was extorted 804.0955 bitcoins with a current price of more than $34 million.