The cyberattack targeting the company that handles the financial transaction side of car buying for some 15,000 car dealers in the U.S. finally ended thanks, almost certainly to a paid ransom.
According to sources who spoke with CNN, CDK paid a ransom of $25 million to end the attack. The ransom was paid in bitcoin so there could be no trace as CNN describes:
On June 21, about 387 bitcoin — then the equivalent of roughly $25 million — was sent to a cryptocurrency account controlled by hackers affiliated with a type of ransomware called BlackSuit, Chris Janczewski, head of global investigations at crypto-tracking firm TRM Labs, told CNN.
A week after the payment was made, CDK said that it was bringing car dealers back online to its software platform. Cryptocurrency allows for the exchange of digital assets outside of the traditional banking system, but a record of those transactions is accessible on the blockchain.
The cyberattack lasted two weeks and proved a massive embarrassment for car dealer software company CDK. The hack crippled car dealers, and forced them to reverted doing business with paper and pen like animals. The outage likely affected vehicle sales numbers for the month of June.
Janczewski didn’t tell CNN who exactly made the payment but sources told the outlet that the funds went to affiliates with ties to Blacksuit and the payment went through an account connected to a firm that specifically helps companies deal with cyber attack ransom payments.
CNN attempted to get a statement from CDK about the matter, but the company ignored the request. Ultimately, we’ll probably never know the exact details of how everything went down.