Garmin Suffers Global Outage And Ransomware May Be To Blame
Garmin Suffers Global Outage And Ransomware May Be To Blame
GPS technology titan Garmin is dealing with a massive service interruption. According to reports from unnamed employees ransomware may be to blame.
Visit Garmin.com and you may be greeted by an apology. “We’re sorry,” it reads, adding that the company is “currently experiencing an outage that affects Garmin.com and Garmin Connect,” Garmin’s fitness tracking app.
The outage also has also hit Garmin’s phone systems. Email and chat services are currently offline as well.
Bleeping Computer notes that the official Garmin Twitter account posted a message saying that services were unavailable due to maintenance. The same message had been posted several hours earlier from the Garmin India account.
Users in Japan and India report that the “maintenance” has lasted nearly 12 hours. That lengthy timespan has led to plenty of speculation on social media that malware is to blame.
Indeed, a Taiwanese news site claims ( Google Translate link ) that Garmin IT staff sent an internal memo warning that company servers had been compromised. Unconfirmed reports claim that the WastedLocker ransomware may have infected those systems.
WastedLocker is a relatively new strain. Security companies attribute it to Evil Corp, the same group responsible for the development and distribution of Dridex and Bit Paymer. Evil Corp’s primary targets are U.S.-based businesses and organizations and it’s believed that the hackers are mostly Russian.
Dridex dates back to 2015, when the crew’s primary focus was wire fraud. Bit Paymer surfaced in 2017 as attacks shifted to ransomware.
WastedLocker retains much of Bit Paymer’s functionality, but it’s more sophisticated. Malwarebytes researchers describe WastedLocker samples as being highly customized. Evil Corp essentially delivers a tailor-made WastedLocker variant based on the target being attacked.
Customization is done after an initial breach allows the hackers to assess a would-be victim’s defenses. Once that intelligence has been gathered, the attackers can unleash a customized version of WastedLocker designed to evade any anti-malware protections it encounters.
Ransom demands for WastedLocker infections are steep, generally ranging from $500,000 to $10 million in cryptocurrency.
Garmin is precisely the kind of company that Evil Corp tends to go after. These attacks can be especially devastating given the crew’s penchant for targeting both sensitive files and any backups that are found.
Garmin has been contacted for comment and this post will be updated with any information provided.
Lee Mathews
Lee started writing about software, hardware, and geek culture around the time that the Red Wings last won the Stanley Cup. The two aren’t related in any way, however.
… Read More
Lee started writing about software, hardware, and geek culture around the time that the Red Wings last won the Stanley Cup. The two aren’t related in any way, however. When he’s not catching up on tech news or blogging about it, you can find him watching or playing baseball and doing his part to ensure the next generation of geeks is raised properly.
