The BlackSuit hacker responsible for the CDK Global attack against US auto dealers

Reuters, June 27, SAN FRANCISCO - Operations at car dealerships across the United States have been affected by a hack into software company CDK Global. This is the most recent in a string of attacks in which ransom-demanding cybercriminals target large corporations by entering behind-the-scenes software vendors.Car dealerships frequently utilize software from CDK to handle sales and other operations. Numerous dealers have reportedly begun manually processing transactions as a result of the hack, according to local press sources.The hacker organization analysts believe BlackSuit is the source of the CDK hack.

Here's more about them:WHAT OR WHO IS A BLACKSUIT? The group first appeared in May 2023, although not much is known about them. Experts claim that it is a relatively new cybercrime outfit that split off from the more established and well-known RoyalLocker hacking group, which has ties to Russia. Born out of another successful gang called Conti, RoyalLocker was a formidable hacker outfit that mostly targeted American companies. Analysts estimate that Royal was the third most persistent ransomware organization, behind LockBit and ALPHV.However, compared to the others, BlackSuit is less combative. According to Kimberly Goody, head of cybercrime analysis at Mandiant Intelligence, the amount of victims listed on its data leak website indicates it does not have as many hacking partners as larger ransomware groups."BlackSuit victims span a wide range of sectors and have been overwhelmingly based in the U.S., followed by the U.K. and Canada," the spokesperson stated.