Evil Corp, the Russian cybergang, has attacked Garmin, a multinational tech company, which has been operating at less than full capacity after a ransomware attack, as the tech company is being extorted for a $10 million ransom, to be paid in cryptocurrency.
It has been reported by Bleeping Computer that an unidentified Garmin employee confirmed that the WastedLocker ransomware took down the company’s customer support services, navigation solutions, and other aspects of the US-based firm.
However, the leader of the cybercriminal group is a Russian individual named Maksim Yakubets. A known criminal, Yakubets was indicted by the US Department of Justice in 2019.
The head of the alleged cybercriminal group behind the attack was sanctioned by the U.S. Treasury, reports @conexiondigicol https://t.co/nVgs0inqo2 — Cointelegraph (@Cointelegraph) July 27, 2020
He was also listed in the FBI “Most Wanted” list with a reward set at $5 million – the highest reward amount offered by the authorities for the arrest of a cybercriminal.
The report said that due to the sanctions against the criminals behind the attack if Garmin proceeds to pay for the ransom, they could be in trouble with the US government.
Brett Callow, the threat analyst at malware lab, Emsisoft, commented:
“This would seem to create a legal minefield. Payment may be the only way for a company to avoid a catastrophic loss of data, but it may be illegal for the company to make that payment.”
Likewise, the listing says that Yakubets, known with the alias “Aqua,” is wanted for his involvement with computer malware that infected tens of thousands of computers in both North America and Europe, as these resulted in actual financial losses worth around $100 million.
It has been analyzed that the US government also accused Yakubets, and his partner, Igor Tursashev, of providing “direct assistance to the Russian government” by helping the FSB security agency.
Thus, the head of Evil Corp and the co-admin are still at large, though authorities believe them to be in Moscow.