Last month, smartwatch maker Garmin became the victim of a ransomware attack. At first, the company claimed that they had only suffered an outage, but soon reports of an attack surfaced. More stories are also coming out to confirm the attack. Now, reports are saying that Garmin has paid a ransom of millions of dollars to the attackers. Via a third-party company, Garmin paid the ransom to get back its systems and files.
Garmin Pays Ransom
Sky News UK reports that Garmin paid the ransom through a company called Arete Incident Response. After payment, Garmin received the decryption key to unlock their files from the WastedLocker malware. Engadget has tried to confirm the report with Garmin.
However, no one knows yet who launched the attack, or how much Garmin paid as a ransom. Arete IR is a company that works deals between ransomware attackers and victims.
Garmin reportedly paid millions to resolve its recent ransomware attack https://t.co/XV2cPqMfLA pic.twitter.com/R15EoRvqM2
— Engadget (@engadget) August 3, 2020
Garmin Attacked by “Evil Corp”
Rumors suggested that a Russian-backed hacker group called Evil Corp launched the ransomware attack on Garmin. Some experts also believe that the hacker group uses WastedLocker malware for attacks.
The US Treasury has also sanctioned Evil Corp for their cyberattacks. Under the sanctions, US companies are not allowed to pay a ransom or make deals with Evil Corp.
Did Garmin Break the Law?
According to the Sky News report, Arete IR said that doubt remains about the links between Evil Corp and WastedLocker. This doubt allowed Arete IR to handle the ransom payment from Garmin to the cyber attackers without fear of the sanctions.
Arete IR had also published a study that cast doubt on the link between Evil Corp and WastedLocker.
