GarminPocalypse
We’re still on day T+3 of the Garmin Apocalypse and here is some evidence of a hack.
source: bleepingcomputer.com
I’ve only seen this information on ONE SITE and haven’t been able to verify its authenticity. Bleepingcomputer claims that the following 3 images show a ransom note and a list of encrypted files where each file has been encrypted and renamed to have a GARMINWASTED extension and accompanying ransom note in the garminwasted_info file.
![ransom-note[1]](https://i2.wp.com/the5krunner.com/wp-content/uploads/2020/07/ransom-note1.jpg?ssl=1 "ransom-note[1]")
![wastedlocker[1]](https://i2.wp.com/the5krunner.com/wp-content/uploads/2020/07/wastedlocker1.jpg?ssl=1 "wastedlocker[1]")
These images appear to show the hallmarks of the WASTEDLOCKER virus with signatures specific to the Garmin attack (links to virustotal.com).
Bleepingcomputer’s sources also claim that a $10million ransom has been demanded. Whilst that might seem like something from an Austin Powers film (below) it might not be as crazy an amount as you might think. It might be a carefully calculated amount that could be paid relatively trivially by Garmin without forcing Garmin to go through the rigmarole of a complete system restart. Yet, I’m sure you would agree, $10million is a lot of money for the recipient.
Further news from India Today suggests that the hack is the work of Maksim Yakubets who, apparently, has a $5 million bounty on his head.
Garmin may well have already paid this (or not) and, even if they have, would have a tricky re-start process and that’s what we might be seeing now. Who knows? I would imagine that full disclosure will be required at some point.
source: bleepingcomputer.com
