ZDNet: Garmin services and production stopped working due to ransomware attack from Russian hackers Evil Corp

The company’s devices are popular with professional athletes who are now at risk of losing all of their data.

Garmin Site Notice ZDNet Screenshot

The manufacturer of smart watches and wearable electronics Garmin has fallen victim to the new WastedLocker ransomware virus, created by the Russian hacker group Evil Corp. The virus completely paralyzed the work of the company: internal services, call center, website and production stopped working. This was reported by ZDNet with reference to Garmin employees.

Among other things, the attack affected Garmin Connect, the company’s service through which athletes synchronize data about races or bike rides. Now athletes run the risk of losing all the already downloaded statistics if they did not use third-party services.

Garmin’s website also states that the attack hit the company’s call center. Because of this, users are unable to contact the company by phone, chat, or even email.

According to ZDNet, WastedLocker encrypted the company’s internal network and some production systems – this caused all external services to be disabled. To rectify the consequences of the attack, the company plans to carry out several days of work, including sending employees to production facilities in Asia.

In a conversation with reporters, a Garmin spokesman refused to publicly admit that a hacker attack caused the problem. As ZDNet found out, after that, several employees of the company on social networks still talked about the extortion attack. Some even named a specific virus – WastedLocker, but the publication could not confirm this from the words of employees.

One of the Reddit users told about the same virus . He did not provide any evidence, but said that he received information from a Garmin employee.

WastedLocker was first reported by cybersecurity company MalwareBytes in early July 2020 . According to experts, the target of the virus is specific organizations: during the first attempt to introduce it, it scans the network for active protection methods, and the second time bypasses them. At the same time, a separate compilation of the virus is created for each company.

The name WastedLocker is associated with the way the virus works. After infecting the network, it creates encrypted files with the name of the victim organization and the postscript “wasted”. As a ransom, the hackers demand from $ 500,000 to $ 10 million.

MalwareBytes believes that behind the virus is the Russian hacker group Evil Corp, which in the UK is considered “the most dangerous cybercriminals in the world.” According to British intelligence, the group is led by hacker Maxim Yakubets, who leads a luxurious lifestyle: he drives a Lamborghini and spends 20 million rubles each on weddings.

According to Meduza’s investigation , the hacker is linked to the FSB and is carrying out the agency’s orders to withdraw money from blocked accounts in foreign banks. He not only cooperates with the security forces, but is the son-in-law of one of the influential FSB special forces.

Back to top button