Home / Innovative / Garmin reportedly paid a ransom of several million dollars after a cyber attack

Garmin reportedly paid a ransom of several million dollars after a cyber attack

Fitness brand Garmin paid millions in ransom after an attack last month brought many of their products and services offline. Sky news Reports. The payment was reportedly made through a ransomware negotiation company called Arete IR to help Garmin recover data held hostage as a result of the attack.

BleepingComputer reported last week that Garmin had received a decryption key to access virus-encrypted data and that the initial ransom was $ 10 million.

The attack itself started on July 23 and shut off Garmin’s wearables, apps, website, and even its call centers for several days. Garmin confirmed that it had been the victim of a cyber attack on July 27 as many of its services went online again. His statement did not state whether a ransom had been paid in response to the attack, but indicated that no customer information was retrieved, lost, or stolen.

Early on, reports indicated that the fitness brand was affected by a ransomware called WastedLocker, which was probably developed by people associated with a hacking group based in Russia. The group, known as Evil Corp, was sanctioned by the US Treasury last December Sky news A ransomware negotiator has reportedly refused to work with Garmin to resolve the incident because of fears of breaking these sanctions.

Arete IR declined to confirm this Sky news whether it had worked with Garmin to respond to the incident, citing “contractual confidentiality obligations to all customers.”

; The company said it “followed all of the recommended and required reviews to ensure compliance with US trade sanctions laws.” On July 24, Arete IR tweeted a white paper containing reports of a connection between WastedLocker and Evil Corp. were contested. A representative of the company did not respond immediately The Verge’s Please comment.

The US government has not publicly attributed WastedLocker to those who were sanctioned in December. Sky news Reports, and since the software was developed after the sanctions were announced, it does not appear in the original announcement.

BleepingComputer reports that Garmin must have paid the ransom because the WastedLocker virus has no known weaknesses. Code from an executable file developed by Garmin, verified by BleepingComputer suggests that the company paid the ransom on either July 24th or 25th, and the publication confirmed that the executable was able to decrypt sample files encrypted by WastedLocker.

Garmin didn’t respond immediately The Verge’s Please comment.

Source link