Show vulnerabilities with patch / with exploit
24 July 2020

Wearable device maker Garmin allegedly hit by a ransomware attack


Wearable device maker Garmin allegedly hit by a ransomware attack

Smartwatch and wearables manufacturer Garmin had to shut down some of its connected services and call centers on July 23 due to an incident that company describes as a worldwide outage.

“We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience,” currently reads a notification alert on the company’s website.

In a Twitter message Garmin added that the outage also affected its mobile app. The company's Indian branch tweeted that company’s servers are currently down for maintenance, which may “limit the performances of Garmin Connect Mobile & Website, and Garmin Express.”

While Garmin did not publicly share the information on the possible cause of the outage, according to Taiwanese tech news site iThome, an internal notice the company sent to various departments in Taiwan said that its “internal IT servers and databases were attacked and production lines were also suspended.” According to the news site, Garmin expects services to remain down possibly through July 25th while it works to resolve the issue and secure user data.

Some Garmin employees who took to social media to share the details of the attack speculate the involvement of a new strain of the WastedLocker ransomware, which has previously been attributed to one of the largest malware operations on the internet, Evil Corp.

Garmin has refused to confirm that the outage was caused by a ransomware attack, citing the ongoing investigation.

Back to the list

Latest Posts

Vulnerabilities in Gmail and iCloud allow hiding the sender

Vulnerabilities in Gmail and iCloud allow hiding the sender

Manipulating email header fields allows for various types of attacks to deceive the addressee.
6 August 2020
Iranian APT Oilrig becomes the first group to weaponize DNS-over-HTTPS

Iranian APT Oilrig becomes the first group to weaponize DNS-over-HTTPS

Oilrig members have added a new DNSExfiltrator utility to their hacking arsenal.
5 August 2020
Hacker published passwords for over 900 corporate VPN servers

Hacker published passwords for over 900 corporate VPN servers

The list was published on a Russian-speaking hacker forum frequented by different ransomware operators.
5 August 2020