Garmin, a multinational tech company, may or may not have paid a staggering $10 million in a crypto ransom. These suspicions have risen after hackers managed to encrypt the internal network of the firm, disabling a range of its services on the 23rd of July.
Suspected Of Paying $10 Million In Crypto
According to a Bleeping Computer report made on the 1st of August, 2020, by Lawrence Abrams, a decryptor was used by Garmin’s IT department to regain access. It was used to take back the workstations that the WastedLocker ransomware attack affected initially. This ransomware attack took out an array of services, including its navigation solutions and customer support.
Using a decryptor protocol, according to the cybersecurity news outlet, hints that Garmin must have paid the required ransom to the attackers. The reason for this is due to the malware itself having no known weaknesses in its encryption algorithm. Of course, they could’ve gotten lucky and guessed the cipher, but there’s a higher probability of Changpeng Zhao becoming the new president of Uganda.
Evil Corp Blamed For Attack
The report speculated that the ransom was paid out on the 24th or 25th of July, 2020. This was gleaned from the timestamp of the script Garmin used to regain control of its systems.
According to reports made earlier, the ransomware attack has been attributed to Evil Corp, a Russia-based cybergang. According to reports made by Bleeping Computer, an anonymous Garmin insider stated that the ransom was for $10 million in cryptocurrency.
Maksim Yakubets stands as the leader of Evil Corp. In the past, he had been indicted by the US Department of Justice back in 2019. Furthermore, the man was listed within the FBI’s Most Wanted list, holding a bounty of $5 million. This stands as the highest bounty the authorities have ever offered for a cybercriminal, in particular.
US Might Sanction Garmin
The most recent tweet from the technology firm, made on the 27th of July, 2020, explained that many systems within its offering were experiencing outages. This includes Garmin Connect. However, the tweet stated that these systems were going back online. On its website, Garmin explained that it was subjected to a cyberattack, but made no statement of a ransom anywhere within its statement.
Garmin, should it have sent any funds to the group, can face sanctions from the US. This is due to the fact that the US government sanctioned Evil Corp back in 2019. Brett Callow, an analyst from Emsisoft, pointed out that such a payment would pose a legal minefield for Garmin.