Kia Motors America denied the ransomware attack after a day-long network outages.
Ransomware Attack — KMA
Kia Motors America (KMA) is headquartered in Irvine, CA with nearly 800 dealers in the USA and cars/SUVs manufactured out of West Point, Georgia.
According to BleepingComputers, Kia Motors America was suffering a nationwide IT outage that has affected their mobile UVO Link apps, phone services, payment systems, owner’s portal, and internal sites used by dealerships.
Which was done by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data.
In addition, the gang known for fraud, followed by data theft and ransomware attacks for modern data-based companies.
While visiting Kia official site users met with a message stating:
However, Kia stated, “We are aware of IT outages involving internal, dealer and customer-facing systems, including UVO.”
Further added, “We apologize for any inconvenience to our customers and are working to resolve the issue and restore normal business operations as quickly as possible.”
And, BleepingComputer obtained a ransom note, the attackers state that they also attacked Hyundai Motor America, Kia’s parent company. Hyundai does not appear to be affected by this attack.
No Evidence — Ransomware Attack:
The threat actors demanded for a ransom of 404 bitcoins worth approximately $20 million.
And, if not paid in mentioned time the amount increases to 600 bitcoins, or $30 million.
But in a statement released Thursday, Kia said: “We are aware of online speculation that Kia is subject to a ransomware attack. At this time, and based on the best and most current information, we can confirm that we have no evidence that Kia or any Kia data is subject to a ransomware attack.”
Further added, “Kia Motors America, Inc. (Kia) has been experiencing an extended systems outage since Saturday but can confirm that the UVO app and owner’s portal are now operational.”
In a similarly worded statement as Kia, Hyundai told BleepingComputers that they have no evidence of a “ransomware” attack.
“At this time, we can confirm that we have no evidence of Hyundai Motor America’s involvement in a “ransomware” attack.”
Also, Other well-known victims attacked by DoppelPaymer include: