Garmin, one of the biggest companies for smart watches and wearable tech, published a message to their users last week about maintenance works on the company’s servers. But according to several reports, the company is under ransom attack.
If you are not familiar with ransom attacks, this is a short explanation from Wikipedia –
“Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.”
New information about the attack indicates that the hackers demands $10,000,000 to open back the service.
Garmin still refuses to comment about this attack and claims that this is only an outage of their servers – “This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”
The IT team of Garmin tried to shutdown all computers remotely but they failed to do so. They asked the employees to shutdown any computer they have access to. The attackers used a new attack named WastedLocker. This attack was found for the first time on April 2020.
This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience. (2/2)— Garmin (@Garmin) July 23, 2020
Photos from Garmin computers got to the site BleepingComputer, In the picture you can notice that the extention of the file is .garminwasted and for each file, a ransom notes were added.