A ransomware attack by the DoppelPaymer ransomware gang has slugged Kia Motors USA and is demanding an extort of $20 Million in Bitcoin.

Massive outage of Kia Motors USA:

According to reports, Kia Motors USA was facing a countrywide outage impacting the organization’s UVO App, IT servers, payment systems, phone systems as well as dealer platforms, and owner platforms.

It is suspected that the outage played a key role in driving the ransomware attack.

If sources are to be considered, a blackmail note was allegedly delivered to Kia Motors USA claiming that the ransomware attack has stolen and encrypted the files, system data, and backups of Hyundai Motor USA, which is Kia motor’s parent company. 

These encrypted files are threatened to be compromised and released publically in two weeks if the organization fails to meets the demands for the ransomware attack.

To make the extort off of the ransomware attack, the blackmail note also contained a link to the  DoppelPaymer Tor payment site with demands to pay up a sum of 404 Bitcoins which amounts tomoe than $20 million dollars. If the ransom is not settled within ten days, the extort will rise to 600 bitcoin.

Allegedly, one of the American customers of Kia Motors USA came forward on Twitter and stated that when they went to one of Kia showrooms, they were notified by the employees that their systems were down due to the ransomware attack.

Who are the DoppelPaymers?

DoppelPaymer is an FBI blacklisted ransomware family that initiated back in 2019 when it ransom-targeted organizations in critical industries. Mal-activities of the DoppelPaymer ransomware gang has sustained throughout 2020, including a slew of ransomware attacks and seem to continue their operations well into 2021 further.

Some of the victims of DoppelPaymer include major industries and corporations including the Japanese automotive corporation Mitsubishi, international media company Endemol Shine, Mexico’s state-owned oil company Pemex, the government network of Torrance, a California-based financial services company, a French cloud-based telecommunications company, and now the South Korean automobile corporation Kia Motors.

So far, the DoppelPaymer has extorted millions of dollars in mainly  Bitcoin cryptocurrency by mal-operating on such a global scale of ransomware attacks.

Kia Motors refusing claims:

Currently, however, Kia Motors USA is refusing any claims stating the ransomware attack. The company representatives state that they are well aware of the reports and speculations of the alleged ransomware attack against Kia Motors USA, but there is no evidence pointing towards any of the circumstances presented.