[Asia Economy Reporter Kim Hyemin] Kia Motors' U.S. sales subsidiary (KMA) reportedly suffered a ransomware attack, causing related applications to be paralyzed, according to local reports.


On the 17th (local time), U.S. IT and automotive media such as BleepingComputer reported that the cause of the paralysis of Kia owner and dealer portals, 'Yubo e-Service,' and mobile apps like 'Kia Connect,' which began on the 13th, was due to a ransomware attack.


The ransomware that attacked the U.S. sales subsidiary is known as 'Dopplemamer.' It is suspected to have the same creator or be a variant of 'Bitpaymer,' a ransomware created by the Russian ransomware group 'Evil Corp,' as their codes are similar. Dopplemamer targets specific companies and often sends email attachments to employees of the targeted company.


The group that launched the ransomware attack on Kia Motors' U.S. sales subsidiary demanded 404.5833 Bitcoin (approximately 23.2 billion KRW) to receive the decryption key for the infected files and to prevent the leaked data they extracted from being disclosed. They also threatened to partially release the data if no contact was made within three business days.


Hot Picks Today

"Buy on Black Monday"... Japan's Nomura Forecasts 590,000 for Samsung, 4 Million for SK hynix "Buy on Black Monday"... Japan's Nomura Forecasts 590,000 for Samsung, 4 Million for SK hynix

However, the company stated in a press release sent to the foreign media that although the owner portal and others were paralyzed, there is currently no evidence to conclude that a ransomware attack occurred.


한글 기사 보기
This content was produced with the assistance of AI translation services.

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.

Today’s Briefing