GarminPocalypse
We’re still on day T+3 of the Garmin Apocalypse and here is some evidence of a hack.
source: bleepingcomputer.com
I’ve only seen this information on ONE SITE and haven’t been able to verify its authenticity. BleepingComputer claims that the following 3 images show a ransom note and a list of encrypted files, where each file has been encrypted and renamed to have a GARMINWASTED extension and is accompanied by a ransom note in a garminwasted_info file.
These images appear to show the hallmarks of the WastedLocker ransomware, with signatures specific to the Garmin attack (links to virustotal.com).
BleepingComputer’s sources also claim that a $10 million ransom has been demanded. Whilst that might seem like something from an Austin Powers film (below), it might not be as crazy an amount as you might think. It might be a carefully calculated amount that could be paid relatively trivially by Garmin without forcing Garmin to go through the rigmarole of a complete system restart. Yet, I’m sure you would agree, $10 million is a lot of money for the recipient.
Further news from India Today suggests that the hack is the work of Maksim Yakubets who, apparently, has a $5 million bounty on his head.
Garmin may well have already paid this (or not) and, even if they have, would have a tricky re-start process and that’s what we might be seeing now. Who knows? I would imagine that full disclosure will be required at some point.
What version of Windows is Garmin using?
I think it was either 3.1 or 3.11 using McAfee 2003 😉
Are you asking because of the images shown above or just out of general interest?
Paying the ransom is likely illegal under US law because the recipient organization has been sanctioned.
Good point.
I guess illegal things can still be done, depending on the subsequent sanctions.
There was a VERY recent case (BLACKBAUD, May 2020, https://www.bbc.co.uk/news/technology-53516413) where a ransom was paid by that US organisation.
It is the time when it should be evident for the herd why locally running (laptop/PC-based) sports software has value. I just refer to Sporttracks 3 again, which was killed by its creator 4 months ago, but some still use it, including me.
Indeed so, local is good.
There are ups and downs to this model; however, the fact that the Connect app is virtually useless without the Garmin cloud is a real failure. Why can’t I even update alarms on my vivomove? That is just using the app as a settings update tool for the device. Regardless of hacks, when I go to set my alarm before bed I could be unable to connect to the cloud for any number of reasons.
https://www.garmin.com/de-DE/outage/
Got that, ty.
FAQ… errr, should be ‘Finally answers occasionally-asked stuff by a small number of people but ignores the bigger questions’ or FAoasbasnopbitbQ
To me those images look fake, as the file names seem a bit too “easy” and not like actual file names.
Yes, I had the same thoughts; hopefully my words around the images were sufficiently cautious.