Garmin ransomware attackers said to be demanding $10 million

Various Garmin websites and services remain offline and there is still no official explanation why. It is being widely reported that the US firm has fallen victim to a ransomware attack with information security website Bleeping Computer reporting the hackers are demanding $10 million.

On Thursday, Garmin users throughout the world discovered they were unable to access the Connect service through which rides and runs are uploaded from devices.

Those signing into the site are currently greeted by a message reading: “We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”

As well as its official website and Connect data-syncing service, the issue is also said to be affecting Garmin's aviation database services and several production lines in Asia.

Despite the prolonged downtime, the firm has yet to comment beyond two perfunctory tweets repeating the message above.

Bleeping Locker says it has heard from a source close to the Garmin incident response and also a Garmin employee who both said the firm has fallen victim to a WastedLocker ransomware attack.

The WastedLocker malware was developed by the somewhat unsubtly named Evil Corp, a Russian-based cybercriminal group.

The software encrypts the files of the infected host. In this case files are being appended with the .garminwasted extension with ransom notes created for each file.

One source said the attackers are demanding $10 million, but this has not been verified.

Garmin is said to have shut down all devices hosted in a data centre and asked employees to shut down any computer on its network.

Strava workaround for Garmin users

While many features on Garmin devices cannot currently be used, data saved on them has not been lost.

Rides recorded on a Garmin smartwatch or bike computer will remain on your device unless you delete them.

They can also be posted to services such as Strava manually by connecting to a computer via USB, downloading the .fit file from the activities folder, and then uploading it from the computer to the website.

On Strava, there's an option to upload activities manually from a drop-down menu that appears on the top right on the desktop site, and on the top left on their mobile app.

You can find more detailed instructions on the Strava website.