Technology

It looks like CDK paid a $25 million ransom in crypto to finally end its outage

July 12, 2024

CDK Global has apparently paid up in order to end the ransomware attack which recently crippled its operations, and brought a large part of North American car dealership businesses to a screeching halt.

Citing multiple anonymous sources familiar with the matter, CNN claims CDK has paid the attackers $25 million in cryptocurrency to unlock its systems.

Its report says the company has not confirmed paying the ransomware demand, but multiple anonymous sources, “closely tracking the incident” have said this was the case.

(No) coincidences

Furthermore, two major things happened in the aftermath of the attack which could be tied together.

First, the payment was made in cryptocurrency, and all transactions done over the blockchain (the underlying technology for crypto) can be tracked. Surely enough, they are pseudonymous, but nevertheless, someone sent 387 bitcoin (roughly $25 million) on June 21, to a cryptocurrency account identified to belong to affiliates of BlackSuit, a known ransomware operation.

The address from which the money was sent belongs to a company that helps victims respond to ransomware attacks, the sources further said, without naming the firm.

Second – CDK Global started bringing its systems back online roughly a week after that payment was made.

CDK, a company that provides software-as-a-service for car dealerships, suffered a major cyberattack in late June 2024 which forced it to shut down most of its systems.

As a result, companies using CDK’s services were unable to conduct most of their business and were pushed back to pen and paper for whatever little work they could do.

Law enforcement agencies around the world do not encourage victims paying the ransom demand, since there is no guarantee that they will be able to restore their systems and keep their private data – private. Furthermore, there is no guarantee that the same threat actors (or different ones) won’t simply attack the firm again in a month, or two.

Instead, organizations should work on tightening up their cybersecurity practices and keeping fresh backup copies at hand.

Via CNN

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

LEAVE A REPLY Cancel reply

EDITOR PICKS

POPULAR POSTS

QUICK LINKS

ABOUT US

FOLLOW US

Cookie bar