CDK Global, an American car dealer software provider, used crypto payments to pay hackers a $25 million ransom and regain access to its system. Cybercriminals breached the CDK system on June 19, knocking its servers offline and causing chaos for car dealerships in North America.
According to CNN reports, CDK Global paid cybercriminals $25 million to regain control of its software. The company then spent two weeks scrambling to restore its systems. However, the software company declined to explain the matter, describing it only as a “cyber incident.” CDK has not yet disclosed any information about how it recovered the business.
CDK Global Transferred 387 Bitcoin to Hackers
On June 21, the blockchain analytics firm TRM Labs uncovered a mysterious payment of 387 Bitcoin (worth about $25 million) transferred to an account of a ransomware group just a few days after the cyberattack. The firm also told CNN that the hackers’ receiving account is affiliated with BlackSuit.
Furthermore, TRM Labs found that $15 million from BlackSuit’s account was dispersed through a complex set of 200 transactions. Following a typical money laundering pattern, the hackers moved these assets to over 20 addresses at five global crypto exchanges.
Despite the hackers’ attempts to conceal their tracks by dispersing funds in a complex web, TRM Labs traced a portion of the funds back to the source, the BlackSuit account, uncovering a crucial thread in the money trail.
CDK Global did not transfer the ransom payment directly. The crypto account that sent the Bitcoin payment to the hackers on CDK Global’s behalf is known to be associated with a private company that assists victims of ransomware attacks.

CDK Global Ransomware Attack Disrupted 15,000 Auto Dealerships
The ransomware attack that hit the CDK system in mid-June disrupted thousands of automobile dealerships that run on the company’s software. The attack affected the sales, orders, and scheduling systems of almost 15,000 car dealerships. However, last week, CDK stated that its core management system is back online.
Legal authorities always discourage paying a ransom to cybercriminals because these payments encourage future attacks. However, some companies think they have no choice but to pay hackers to prevent the leakage of customers’ sensitive data.
BlackSuit’s Recent Cyber-attacks
BlackSuit, the infamous hacker group, is a relatively new gang in cybercrime. Since last year, it has targeted vulnerable organizations, including educational institutes, construction companies, and health departments. According to the US Department of Health and Human Services, BlackSuit’s malicious software is similar to that of a Russian-speaking cybercriminal group.
A report published by Chainalysis, a blockchain analytics platform, revealed that cybercriminals managed to extort a record-breaking $1.1 billion in ransom payments from different organizations globally in 2023. As the digital industries evolve, the battle against cybercrime will remain an urgent and ongoing challenge.