Don’t miss out on the latest CyclingTips updates.
Hackers are reportedly demanding $10 million to free Garmin’s systems from a ransomware cyberattack that began Thursday, according to BleepingComputer.
Employees within Garmin confirmed to the tech site that Garmin suffered an attack using WastedLocker, a new ransomware operated by a malware exploitation gang commonly known as Evil Corp. Ransomware is malicious software designed to keep an individual or company from accessing their own data unless a ransom is paid.
Screenshots shared with BleepingComputer show lists of files encrypted by the malware, with ransom notes attached to each file. The notes tell Garmin to email one of two email addresses “to get a price for your data.” That price is reportedly $10 million.
Evil Corp is a cybercriminal group based in Russia that has been in operation since at least 2007. It was the group behind Dridex malware, another ransomware, and has been sanctioned by the U.S. Treasury Department.
Even if Garmin decides that paying the ransom is the best course of action for the company, doing so would violate the U.S. sanctions.
Garmin was hit by the ransomware attack on Thursday, taking out the Garmin Connect service many cyclists use to track and upload rides, as well as services in their automotive, marine, and aviation divisions. flyGarmin, a service used by pilots, and Garmin Pilot Apps, which is used for flight plan filing, are down. As of Saturday afternoon, Garmin’s systems were still down.
Garmin’s manufacturing facilities in Taiwan remain offline, and the outage also affects Garmin call centers and email systems. We’ve reached out to Garmin for comment and, unsurprisingly, have not received any response.
Garmin hasn’t released much in the way of statements regarding the attack.
Users of Garmin GPS devices can still upload files using a USB cable. Simply browse to your activities directory, save the relevant .fit or .gpx file to your desktop, and upload it from there to your preferred activity tracking service.