The ‘BlackSuit’ Hacker Behind the CDK Global Attack Disrupting U.S. Car Dealers

A cyberattack on CDK Global, a key software supplier for U.S. auto dealerships, has disrupted operations, forcing many dealers to process transactions manually.

The hacker group BlackSuit, believed to be responsible for the attack, is a new cybercriminal team that emerged in May 2023, spun off from the Russia-linked RoyalLocker group.

Despite being less aggressive than other ransomware gangs, BlackSuit has breached at least 95 organizations globally, primarily targeting U.S. sectors such as industrial goods and education.

The true number of victims is likely higher, with BlackSuit actively seeking partnerships in underground forums.