Compromiseseverity: High2020-07-24
Garmin global outage attributed to Evil Corp WastedLocker ransomware
published by BleepingComputer
Actor
Russian cybercrime syndicate publicly attributed by the U.S. Treasury OFAC in December 2019, which sanctioned founder Maksim Yakubets. Operators of the Dridex banking trojan, the BitPaymer and Wasted…
Summary
BleepingComputer confirmed that the 23 July 2020 outage of Garmin Connect, flyGarmin, inReach and related services was caused by a WastedLocker ransomware infection attributed to Evil Corp. Encrypted files carried a '.garminwasted' extension and the operator-issued ransom notes reportedly demanded $10 million. The incident illustrated Evil Corp's post-sanctions pivot from Dridex banking fraud to big-game ransomware.
Tags
ransomwarewastedlockergarminbig-game
Primary source
bleepingcomputer.comOther Evil Corp events
- 2024-10-01US, UK and Australia issue trilateral Evil Corp sanctions naming FSB enabler Benderskiy
- 2024-10-01UK NCA unmasks Evil Corp's Aleksandr Ryzhenkov as a LockBit affiliate
- 2020-06-25Symantec discloses WastedLocker wave against 31 US organizations
- 2019-12-05US Treasury sanctions Evil Corp and designates Maksim Yakubets
- 2019-12-05DOJ indicts Maksim Yakubets and Igor Turashev over Bugat/Dridex scheme