Cyber

Garmin Is Black Mailed by Hackers

Garmin, one of the biggest companies for smart watches and wearable tech, published a message to their users last week about maintenance works on the company’s servers. But according to several reports, the company is under ransom attack.

If you are not familiar with ransom attacks, this is a short explanation from Wikipedia –

“Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.”

New information about the attack indicates that the hackers demands $10,000,000 to open back the service.

Garmin still refuses to comment about this attack and claims that this is only an outage of their servers – “This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”

The IT team of Garmin tried to shutdown all computers remotely but they failed to do so. They asked the employees to shutdown any computer they have access to. The attackers used a new attack named WastedLocker. This attack was found for the first time on April 2020.

Photos from Garmin computers got to the site BleepingComputer, In the picture you can notice that the extention of the file is .garminwasted and for each file, a ransom notes were added.

GitLabs Tested Its Employees

blank

GitLabs, one of the biggest competitors of Microsoft’s GitHub, employs more than 1000 employees and worth about $3 billions.

Most of us, and probably GitLab management, would expect that its employees, which most of them are experienced software developers, would be aware of the cyber threats outside and will know how to safely use the web.

So… According to Gitlab tests, phishing can get even the best!

Phishing is a cyber attack that involves emails, phones, text messages for someone who pretend to be a legitimate organization. In those attacks, the attacker extract personal information.

And back to Gitlab. The company made some very common tests on its workers.

First of all, they purchased a domain named – gitlab.company, set a G-suit account and even had SSL certificate.

GitLab sent personal emails for specific member employees (this attack is called Spear Phishing), and sent an email about upgrading a laptop – something every employee waits for.

This is the mail –

The email, which was sent by the fake IT department look pretty much like a email made by Apple, which supposed to arouse suspicion. At the end of the emails they attached a link to get more details on the replacement.

GitLab’s team left clues that were available in a click of a button –

The results were pretty bad… Out of 50 employees, 17 of them clicked the link, but this is not the bad part… 10 of those 17 employees exposed their credentials in this process.

That being said, 20% of the test subjects handed their credentials to hostile attacker which could lead to major cyber attack on GitLab.

blank