CDK Global was hit by a series of cyberattacks last month that forced about 15,000 dealers who rely on its management software to temporarily suspend operations or revert to pen-and-paper records. The company was finally able to restore service to “almost all” customers about two weeks later.
The cybercriminals who hacked into the company’s systems are reportedly demanding a multimillion-dollar ransom for the return of the stolen data.
How did CDK Global end last month’s cyberattack? Latest news on ransom payments
According to cryptocurrency payment tracking experts who spoke to CNN, CDK Global appears to have paid the cybercriminals. Chris Janczewski, head of international research at cryptocurrency tracking firm TRM Labs, told the outlet that 387 bitcoin was transferred on June 21 to an account controlled by an individual associated with the well-established ransomware group BlackSuit. This was worth roughly $25 million at the time.
Related article
CDK Global did not respond to CNN’s request for comment. Investigators cannot say with certainty that the software provider made the payment, but believe the company “was highly likely the source of the payment.”
Tracking cryptocurrency transactions can be complicated, but investigators have been able to glean data from the blockchain that underpins such payments.
