The multinational technology company Garmin could have paid some or all of the $ 10 million crypto bailout to hackers who managed to encrypt the company’s internal network and eliminated several of its services on July 23.
According to a report dated August 1st Lawrence Abrams from Bleeping computerGarmin’s IT department used a decrypter to Get back access to your workstations affected by the first WastedLocker ransomware attack. The malware removed customer support, navigation solutions, and other company online services.
The existence of this protocol has been reported to imply this “Garmin must have paid the attackers a ransom”Because the malware used in the hack “has no known vulnerabilities in its encryption algorithm”.
“The Garmin script has a timestamp from ’07 / 25/2020 ‘to indicate this The ransom was paid on July 24th or 25th“, according to the message.
Evil Corp would be responsible
Cointelegraph reported on July 27 Russian cybercriminals Gang Evil Corp. He was responsible for extorting $ 10 million from Garmin after the ransomware attack.
Maksim Yakubets, the leader of the cybercrime group, had previously been charged by the U.S. Department of Justice in 2019. It was also included in the FBI’s most wanted list with a $ 5 million reward, the largest amount offered by the authorities for arresting a cybercriminal.
Garmin is operating again
The last Tweet on July 27, the technology company claimed that “Many of the systems and services affected by the recent power outage, including Garmin Connect, are working again.”. An update on the company’s website claims that Garmin was “Victim of a cyber attack”but without referring to any rescue.
because Evil Corp was officially punished by the U.S. government in 2019. Garmin could face penalties for admitting funds to the group. The threat analyst of Emisoft, Brett CallowCointelegraph previously said that such a payment “would create a legal minefield.”
“For a company, payment may be the only way to avoid catastrophic data loss,” said Callow. “But it could be illegal for this company to make this payment.”
Numbers or bear the consequences
Other companies targeted by ransomware groups ended up paying millions of dollars in crypto ransom notes instead of risking losing their business while restoring computer access or releasing sensitive information.
The travel company CWT, based in the United States, negotiated with hackershaggle the price of a ransom for a malware attack, Bitcoin (BTC) declines from $ 10 million to $ 4.5 million. The Medical Faculty of the University of California also reportedly paid in San Francisco, Cryptocurrency worth over a million dollars as part of a hack bailout on June 1st.
Cointelegraph contacted Garmin for comment, but received no response at the time of writing.