CyberScoop reports that the BlackSuit ransomware gang was noted by TRM Labs researchers to have received nearly $25 million worth of Bitcoin in its cryptocurrency wallet just two days following its attack against CDK Global that resulted in widespread disruptions in North American car dealerships, raising the possibility that the major dealership software solutions provider could have paid the ransomware group's demands.
Nearly $15 million of the received payment, which was also confirmed by another source close to the matter, has been reallocated to over 20 addresses across five global exchanges, while another $6 million has been spread to over 15 addresses across four exchanges, with one of the recipient wallets being linked to an affiliate of the ransomware operation, according to TRM Labs. While the source of the additional funds received by BlackSuit remains unclear, confirmation of it being a ransom payment would make it the second largest following CNA Financial's $40 million payment three years ago.