DoppelPaymer Ransomware hits Kia Motors America databases

Kia Motors America is experiencing a nationwide outage because of a ransomware attack and confirmed sources say that the car maker was targeted by DoppelPaymer gang that is demanding $20 million to decrypt the database.

In a media update released early this morning, the South Korean company stated that the nationwide IT outage resulted in disruption of services related to payment systems, UVO Link app, phone services, owner portal, internal sites and dealership link.

The highlight of the attack is that the ransomware spreading gang infiltrated only Kia’s computer network and did not touch the parent company Hyundai’s servers. However, they have left a ransom note stating that they have loads of data siphoned from the servers and if their ransom demand is ignored, they will raise the amount to 600 BTC or $30 million and thereafter will leak that data to the dark web.

Now to those who are interested in protecting their networks against such attacks, security experts are advised to create awareness among online users, deployment of a proactive cybersecurity program, using multi-factor authentication as a better security practice and use of updated threat intelligence.

Note- DoppelPaymer is a ransomware gang that indulges in a double-extortion technique where hackers steal data and then encrypt it until a ransom is paid. And usually this gang demands a sum in millions, and when the victim denies paying a ransom, they put the stolen data for sale on the dark web.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display