 |
| Garmin paid criminals a ransom in millions |
According to the report, Garmin smartwatch manufacturers paid millions in ransoms to restore criminals ’access to their files and systems, which an external commercial company called (Arete Incident Response) used to process documents. crypt.
Garmin suffered a failure last month as many of the company's systems and services were temporarily closed and shut down.
She later claimed that she was a victim of a cyberattack, but did not provide detailed information about the cause, and was reported to have been attacked by ransomware, and there are others. Sign up to confirm it.
Sky News reported earlier this week that Garmin got the decryption key to recover its files from the (WastedLocker) virus.
Security sources assume that the virus was developed by people who worked with the Russian cyber-crime organization Evil Corp. keep in touch.
The US Treasury Department fined the company last December and accused the company of developing and distributing another type of malware called (Dridex).
According to those familiar with the matter, Garmin first attempted to pay the ransom by engaging another company that specializes in these incidents.
However, the company said it had not negotiated a ransom to recover its files from the WastedLocker virus due to the risk of sanctions violations.
After being severely criticized, Garmin went to the Arete Incident Response Service. The company claimed that there was no evidence that the ransomware (WastedLocker) was associated with the punished person.
Garmin said her system was infected with the virus on July 23 (Thursday) and in response to an incident I published a study on its website on July 24 (Friday). The study was accompanied by inconclusive evidence. Ironically, the study attributed WastedLocker to EvilCorp.
After the sanctions were imposed, criminals began developing ransomware and the U.S. government did not publicly link the sanctions to WastedLocker.
Sanctions mean Americans are generally forbidden, even with blackmail, with 17 people and seven with Evil Corp. Associated companies.
A source familiar with the matter said: Garmin, an American multinational company, did not pay the intruder directly.
The source confirmed that (Arete Incident Response), although (Arete Incident Response) ultimately believed that (WastedLocker) was not a producer of Evil Corp, (Arete Incident Response) was still paying it as part of the ransom attack trading service.
Actor (Arete Incident Response) said: We cannot comment on the Garmin issue. Since we have contractual confidentiality obligations to all customers, we cannot discuss customer IDs.
Regarding allegations that WastedLocker operators have been sanctioned by the United States, the representative added: "Incident Response" follows all recommended inspections to ensure compliance with US trade sanctions laws.