The malicious software has penetrated the system and now has acquired the precious and sensitive data of the multinational automotive manufacturer, KIA Motors America. DoppelPaymer, the BitPaymer based ransomware, is believed to be the potential victimizer. But the situation gets severe when the malware inducers demanded a ransom of no less than 404 BTC (approximately $20 million), which can go up to 600 BTC (approximately $30 million) for the decryption of the data.
Ransomware Attacks and Bitcoin
When malicious software enters a system, it takes control of sensitive data. In other words, perpetrators keep the sensitive data hostage for the corporations or system owners to pay them the cash they desire. Many companies might try to use their IT power to attain their data, while some pay the heavy ransom to get out of the grave scenario.
As of today, 18th February, KMA has been infiltrated. KMA experienced system failures which afterward led to the paralysis of the system. According to KMA, there were IT outages in the system.
KMA said that they were aware of IT outages involving internal, dealer, and customer-facing systems. They further apologized for the problems and inconvenience faced by dealers and customers. KMA also tries to convince customers that they are working to solve the issues and discrepancies.
According to BleepingComputer, a message appears on the screen that addressed the KMA as Hyundai Motor America, the parent company of KIA Motors America. DopplePaymer has threatened to leak sensitive data in the next 21 days. The infiltrators have also threatened to release the private data to the public if KMA decides not to cooperate. KMA was also advised not to use any recovery software. There is also a countdown on the screen by DopplePaymer, which gives KMA limited time. According to the note, KMA has about nine days to resolve the situation and transfer the heavy ransom. But the asking amount can also reach 600 BTC if KMA fails to transfer any money to the perpetrators.
Kia Motors America’s Take
On the other hand, KMA has clearly stated that there has been no infiltration or ransomware attack. On the contrary, it is just the usual system outage. Also, there has been no evidence as to the infiltration in the system of Hyundai Motor America.