• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
iGuRu

iGuRu

Real-time Technology News. Opinions & Tweaks

  • / news
  • / tools
  • / tweaks
  • / dummies
  • / opinions
  • / support
  • / yourpost
home / News / Garmin: has the decryption key for WastedLocker Ransomware

Garmin: has the decryption key for WastedLocker Ransomware

02/08/2020 07:31 by giorgos

Garmin eventually obtained the decryption key to recover its encrypted files after an attack with WastedLocker Ransomware.

On July 23, 2020, Garmin ceased operations worldwide and its customers could not access Garmin Connect, flyGarmin, Strava, inReach services.garmin - Garmin: has the decryption key for WastedLocker Ransomware

The attackers demanded $ 10 million from the company to give them a decryption key.

After a four-day hiatus, Garmin suddenly announced that services were being restored, leading many to suspect that it had paid a ransom to obtain the decryption keys. However, the company declined to comment.

Today, BleepingComputer gained access in a package created by Garmin IT department to decrypt a workstation and then install security software on the machine.

ezgif 6 3777150fc11c - Garmin: has the decryption key for WastedLocker Ransomware

WastedLocker is one ransomware business-oriented and has no weaknesses in the encryption algorithm. This means that there is no free cryptographer.

So in order to obtain a decryption function key, Garmin must have paid the ransom to the attackers. It is not known how much they paid.

The recovery package acquired by BleepingComputer includes various security software installers, a decryption key, a decoder for WastedLocker, and a script that can run all of the above.

The script contains a timestamp '25/07/2020', which shows that the ransom was paid on 24 or 25 July.

ezgif 6 de03e78cc3cb - Garmin: has the decryption key for WastedLocker Ransomware

The cryptographer included in the package contains references to both the cybersecurity company Emsisoft as well as ransomware trading company, Coveware.

When BleepingComputer contacted Coveware, they said they did not comment on ransomware reported in the media.

A similar answer was given by Emsisoft, which stated that it could not comment, but that they create decryption tools and are not involved in ransom payments.

Emsisoft typically creates custom ransomware decryptors when the tools provided by attackers contain errors or if companies are concerned that they may contain backdoors.

"If the ransom has been paid, but the decryptor provided by the attacker is slow or defective, we can extract the decryption code and create a custom solution that decrypts up to 50% faster with less risk of damage or data loss," she said. Emsisoft on a page of.

Garmin: has the decryption key for WastedLocker Ransomware was last modified: 2 August, 2020, 7: 31 am by giorgos

spread the news

  • Facebook
  • Twitter
  • Reddit
  • Printing
  • Email

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News


Competition: Newstag: Garmin, ransomware, WastedLocker Ransomware

You May Also Like

ransomware
Ransomware Task Force new team with Microsoft and McAfee
45 million medical operations exposed on the internet
Gootkit returned in parallel with REvil ransomware

About Us giorgos

George still wonders what he's doing here ...

Previous Post: « Tux an interesting story about the Linux mascot
Next Post: Windows 10 2004 conversion to Windows 10 2009 with one click »

Reader Interactions

Comment Policy:

IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators


Leave your comment
Ακύρωση απάντησης

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

 

 © 2021 · iGuRu.gr · ☢ · Keep It Simple Stupid Genesis theme

about  ·   get in touch  ·  rss  ·  sitemap  ·  cough

loading Cancel
Could not post post - check your email address!
Email verification failed, please try again
Your blog can not post posts via email.