Sky report says Garmin smartwatch maker got the WastedLocker decryptor from Evil Corp but did not directly pay ransom to them
Garmin is in a soup! The smartwatch, GPS, and other wearables maker was hacked into and infected with WastedLocker ransomware by Maksim Yakobets led Evil Corp hacking group. Evil Corp had demanded $10 million in ransom after encrypting all Garmin servers and computers. The WastedLocker ransomware attack was so powerful, it brought down the Garmin ecosystem. All connected services like Garmin Express, Garmin Connect mobile, Garmin Launch, and the Garmin website are offline for the past week.
After denying ransomware infection for a week, Garmin in a corporate statement on Monday stated that it had indeed been infected with ransomware. It added that it expects to return to normal operations over the next couple of days. “Garmin Ltd today announced it was the victim of a cyberattack that encrypted some of our systems on July 23, 2020,” the firm stated. “As a result, many of our online services were interrupted including website functions, customer support, customer-facing applications, and company communications.”
The press statement confirms that Garmin has got the WastedLocker ransomware decryptor. But the question remains how? Media reports suggested that Garmin managed to obtain the WastedLocker ransomware decryptor from Yakubets Evil Corp but the firm “did not directly make a payment to the hackers.”
A report in Sky News says that anonymous sources told them that the company did not directly make a payment to the hackers. This could mean that Garmin paid the Evil Corp through third-party negotiators. But doing that could open up Garmin for serious penalties by the U.S. Treasure department which has banned any dealing with Yakubets or Evil Corp.
Garmin’s representatives declined to respond to repeated offers by Sky News to challenge the sources’ claims, stating the company “does not comment on rumor and speculation”. A representative for Garmin told Sky News that they did not have any information to share regarding the ransom payment.