
Sources suggest CDK Global paid US$25m in ransom to thwart cyber attack

CDK Global has reportedly paid a ransom, leading to the systems of as many as 15,000 US car dealerships being restored, according to sources speaking to media.

Daniel Croft
Mon, 15 Jul 2024

Last month, car dealership software provider CDK Global announced that it detected a cyber incident on its network, leading to many of its systems being taken offline.

“We are currently experiencing a cyber incident. Out of caution and concern for our customers, we have shut down a majority of our systems,” CDK spokesperson Lisa Finney said in a statement seen by media on 19 June.

Last week, CDK managed to restore services, and the outage appeared to have ended. While the company is yet to reveal just how it restored services, sources cited by US media giant CNN said the company seems to have forked out US$25 million in ransom to the BlackSuit ransomware gang.


According to Chris Janczewski, chief at crypto-tracking firm TRM Labs, speaking with CNN, 387 bitcoins, which equates to roughly US$25 million, were transferred into an account owned by hackers connected with the BlackSuit ransomware gang.

While the source of the payment was not identified, other sources cited by CNN who wished to remain anonymous suggest that it was highly likely that CDK paid the 387 bitcoins. This is despite the account that sent the ransom payment not being owned by CDK but rather an account connected to an organisation known for helping ransomware victims deal with attacks, according to the source.

A week after the payment was made, CDK announced it was bringing car dealerships back online.

CDK is yet to comment on the claims that it paid the ransom, but it announced earlier this month that “substantially all” of its 15,000 car dealership clients were back online with its software.

“We are happy to report that we are ahead of the anticipated schedule,” said an automated message on the company’s customer care phone line.

That being said, a US SEC 8-K filing from 5 July suggests that some systems remain offline.

“Other affected systems, including the CRM and certain functions of the DMS, remain offline as the company continues to investigate and test such systems,” CDK said.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
