Auto software provider CDK Global is suspected of paying $25 million in Bitcoin last month to settle a ransomware attack
On July 15, ZachXBT, an on-chain detective, disclosed that a ransomware gang linked to a June cyber attack targeting CDK Global, a major supplier of software provided by US car dealerships, received more than $25 million in Bitcoin. Last month, CDK Global suffered an attack that caused its software to go down, affecting about 15,000 US car dealerships. According to ZachXBT, an address linked to Black Suit received a payment of 387 BTC on June 21. Subsequently, the funds were transferred to several centralized exchanges. BlackSuit emerged in 2023 and has become a well-known ransomware gang targeting US companies. The payment is in line with a previous report by Bloomberg that CDK Global planned to pay a ransom to keep its data from being made public. The company has agreed to pay tens of millions of dollars to speed up the recovery of its systems. However, CDK has yet to confirm whether the ransom was paid. Instead, it announced that almost all of its nearly 15,000 car dealership customers were back online last week. Analytics firm Chainalysis noted that a ransomware gang called "cl0p" received nearly $100 million in ransom payments during this period. The gang took advantage of file-sharing software MOVEit. The BlackBasta gang reportedly extorted at least $107 million in bitcoin. Most of the laundered ransom payments went to sanctioned Russian crypto exchange Garantex.