Garmin, a multinational tech company, has been operating at less than full capacity following a ransomware attack launched by the Russian cybergang, Evil Corp. Garmin is being extorted for a $10 million ransom, to be paid in cryptocurrency.
According to a report published by Bleeping Computer, an unidentified Garmin employee confirmed that the WastedLocker ransomware took down the company’s customer support services, navigation solutions, and other aspects of the U.S.-based firm.
The leader of the cybercriminal group is a Russian individual named Maksim Yakubets. A known criminal, Yakubets was indicted by the U.S. Department of Justice in 2019. He was also listed in the FBI “Most Wanted” list with a reward set at $5 million – the highest reward amount offered by the authorities for the arrest of a cybercriminal.
Evil Corp members sanctioned in 2019 by the U.S.
Due to the sanctions against the criminals behind the attack, if Garmin proceeds to pay for the ransom, they could be in trouble with the U.S. government.
Speaking with Cointelegraph, Brett Callow, threat analyst at malware lab, Emsisoft, commented on the Garmin’s dilemma:
“This would seem to create a legal minefield. Payment may be the only way for a company to avoid a catastrophic loss of data, but it may be illegal for the company to make that payment.”
The listing says that Yakubets, known with the alias “Aqua,” is wanted for his involvement with computer malware that infected tens of thousands of computers in both North America and Europe. These resulted in actual financial losses worth around $100 million.
Cybercriminal gang reportedly provided assistance to the Russian government
The U.S. government also accused Yakubets, and his partner, Igor Tursashev, of providing “direct assistance to the Russian government” by helping the FSB security agency.
As of press time, the head of Evil Corp and the co-admin are still at large, though authorities believe them to be in Moscow.
A study published by the cybersecurity firm Fox-IT recently stated that Evil Corp has developed the WastedLocker ransomware. They have been actively using this ransomware to launch attacks since May 2020.
There are reports that the group has asked for a combined total of $10 million from a number of U.S.-based companies.