Hackers Attack Kia and Its Customers With Ransomware Demanding $20,000,000 in Bitcoin

We have grown very accustomed to hitting the button on our key fobs, and our cars light up, unlock, and in some cases, even startup. All of the features are due to remote connectedness to the manufacturer’s network. Lately, some Kia owners may have experienced some issues with remote start and any online services. Kia is playing it cool, but reports suggest hackers have Kia backed into a corner and are demanding millions of dollars worth of Bitcoin. If someone doesn’t break into your car the old-fashioned way, they are stealing it on the internet.

Will Kia pay the hackers ransom of $20,000,000 in Bitcoin?

The Drive reports Kia’s online services are down across the board. This affects not only Kia’s webpages and bill pay, but some Kia owners haven’t been able to remote start their cars via the Kia app. Early reports suggest that Kia was the victim of a massive cyberattack – specifically by something called ransomware. 

Bleeping Computer reports the cyber-criminal group; the DopplePaymer gang seems to be behind the digital siege. This is the same group that hit Tesla and SpaceX last year. If Kia’s digital services lockout isn’t bad enough, the hackers have also claimed an unknown amount of data from Kia, which they are threatening to release if the ransom isn’t paid. Considering that Kia doesn’t know exactly what data or how much the hackers stole, this could be particularly devastating for the South Korean manufacturer. Even though the attack was aimed at the parent company, Hyundai, Kia seems to be the only one affected. 

Kia got a straight-up ransom note

The Bleeping Computer shared an image of the Kia ransom note that is actually kind of creepy. Like any thief, the unsettling part is that someone was wandering around (digitally in this case) in your home, free to do what they want. The ransom note clearly lays out the demand for 404 Bitcoins by a designated time, or else they will start leaking sensitive information. If the ransom isn’t paid by that time, the ransom goes up to 600 Bitcoin which translates to around $30 million in non-computer money. 

The logo on a Kia Sedona for sale at a Kia dealership.
The Kia logo | Scott Olson/Getty Images

10 Dangerous Ways Hackers Can Infiltrate Your Car

It is still unclear how much data was stolen in the attack, but the thieves say it is a “huge amount.” The Bleeping Computer’s reporting suggests that the hackers cast a fairly wide net ensnaring all sorts of data, both corporate and personal, because of what services are affected by the attack. 

The Drive reached out to Kia to get a statement on the matter, and a Kia spokesperson said Kia is “experiencing an extended systems outage” but didn’t specify the cause of the outage.

The Kia spokesperson went on to say that “Affected systems includetheKiaOwnersPortal, UVO Mobile Apps, and the Consumer Affairs Web portal. We apologize for any inconvenience to affected customers and are working to resolve the issue as quickly as possible with minimal interruption to our business.” 

Why won’t they mention the hackers? 

Well, it turns out, Kia did. The Drive got the spokesperson to include the following quote; “We are also aware of online speculation that Kia is subject to a ‘ransomware’ attack. At this time, we can confirm that we have no evidence that Kia or any Kia data is subject to a ‘ransomware’ attack.” Now we seem to be getting somewhere. 

While Kia continues to deny the evidence of the cyberattack, all signs point to that exact theory. Kia owners are still experiencing issues with key connectedness, paying car notes online, and dealers are unable to process sales. This has become quite a mess, and as of now, there is only one clear but costly way to solve the problem.