Garmin, a customer support service and navigation solution, has been a victim of crypto-ransomware. The company has announced on Twitter that their systems and services are back on track and affected by “an outage”.
However, some people aren’t convinced that the company was able to do a counter-attack on hackers. Opinions blow up that Garmin has paid some or all of $10 million crypto ransom to hackers who encrypted their internal network and took down their services.
Lawrence Abrams of Bleeping Computer said that the I.T. Department of Garmin had used a decryptor to regain access to workstations that have been affected by the ransomware attack; WastedLocker. This malware has managed to take down Garmin’s customer support, navigation solutions, and their other services worked online.
As the malware used has no known weaknesses in the encryption algorithm, it is widely believed that Garmin must’ve paid the ransom instead. On their script, there is a timestamp of ’07/25/2020′ that can indicate when the ransom was paid.
Evil Corp, a Russian cyber gang, was also responsible for extorting up to $10 million crypto ransom from Garmin after the ransomware attack. The cybercriminal group leader, Maksim Yakubets, has been indicted by the U.S. Department of Justice last 2019. He was also tagged as one of the Most Wanted with FBI with a $5 million reward.
Since Evil Corp had been sanctioned by the U.S. government back in 2019, if proven that Garmin has sent any form of ransom, they may face sanctions. Threat Analyst, Brett Callow said that “Payment may be the only way for a company to avoid a catastrophic loss of data but it may be illegal for the company to make that payment.”
Some companies that have been attacked by ransomware groups ended up paying the ransom demands. This is after instead choosing to lose business. At the same time, computer access has been restored, or any confidential information may be released.