Ransomware: Kia company targeted by attack
Hackers managed to reach the car company KIA.
As a result of this hack, the cybercriminals behind the plan are demanding payment of a US$20 million ransom.
The services of the French automotive giant that have been affected is the network service used by dealers and customers who have subscribed to UVO services. As a result several customers even more able to activate some basic features starting their vehicle remotely or to pay their bills.
This article will also interest you: Tesla: it is possible to steal the electric car by a simple hacking
At first, it should be mentioned the manufacturer would have rejected any hypothesis of ransomware attack.
In a certain sense, the computer attack suffered by the French manufacturer is part of the generalization and popularization of connected cars that continue to take an important place in consumer habits. And hackers know that. Regular consumers are beginning to like the habit of being able to interact with the vehicle remotely. A simple computer attack can undermine this interaction and the pleasure that can be derived from it
"Many Kia customers suffered from such a problem last week. Since February 13, Kia's online and connected services have broken down, leaving homeowners unable to pay their bills, remotely unlock their vehicles, or even warm them up in the midst of one of the toughest winter periods that parts of the United States have known in a long time," said The Drive.
To be heard, customers had to go through social networks such as Twitter to express their anger and their face of the outage.
But the outage didn't just affect customers. It also reached out to first-time buyers who would have liked to open an account on Kia's platform.
However, the problem only began to grow much more when a user on the social network Twitter claimed that his Arizona-based dealer had told him about a breakdown caused by a ransom program.
If this were a ransomware attack, there will be nothing surprising. Especially since for a while, it has become clearly a trend. As part of the French manufacturer Kia, the company has not officially confirmed the attack on the ransom software. But a screenshot, about it circulates or hackers reportedly demanded from Kia a sum of nearly 20 million dollars. They would have had access to several sensitive files. Also in the assumptions, the attack is believed to have been the work of a group of cybercriminals known as DoppelPaymer, a name they were blamed by Crowdstrike researchers in 2019. In short, they are hackers well-known enough in the industry to attack large groups in order to obtain huge sums of money as ransom.
"Since late August 2019, unidentified actors have been using the DoppelPaymer ransom software to encrypt victim data in critical sectors around the world such as health, emergency services and education, interrupting citizens' access to services," the FBI said in a dossier on the DoppelPaymer group.
"Since its emergence in June 2019, the DoppelPaymer ransomware has infected various industries and targets, with players regularly demanding six- and seven-figure ransoms for bitcoins (BTC). Before infecting systems with ransomware, actors exfiltrate data for use in extortion plans and made follow-up phone calls to victims to encourage them to pay more ransoms." Add the U.S. Federal Police.
Yet for its part, the automaker continues to say it is not aware of any ransomware attack. The company said it had observed a "prolonged system failure," without giving further details.
"Kia Motors America, Inc. is currently experiencing a prolonged system failure," a spokesman for the manufacturer noted. "Affected systems include the KiaOwners portal, UVO mobile applications and the consumer web portal. We apologise for the inconvenience to affected customers and strive to resolve the issue as quickly as possible by minimizing the disruption of our activities." The latter seems to be downplaying the claims of a potential ransomware attack. "We are also aware of online speculation that Kia is the subject of a ransomware attack. At this time, we can confirm that we have no evidence that Kia or any Kia data is the subject of a "ransomware" attack."
Now access an unlimited number of passwords: