Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
According to CryptoPotato, the ransomware group DoppelPaymer launched another attack, this time leaking sensitive data of KMA, the North American branch of automaker Kia Motors. Criminals demand Bitcoin to pay the ransom, and the total ransom may be as high as 600 Bitcoins (worth more than 30 million U.S. dollars). KMA stated that the company has experienced “IT outages involving internal, reseller, and customer-facing systems” and stated that it is working to resolve these issues. The ransom note left by the DoppelPaymer ransomware group stated that they had broken into KMA's system. Attack method (per SlowMist): Ransomware. Reported loss: -.
- chain
- bitcoin
- protocol
- KMA
- bug_class
- unknown
- date_occurred
- 2021-02-18
- loss_usd
- —
- source_id
- sm:kma::2021-02-18