The so-called WastedLocker type of attack is believed to have been made by people affiliated with the not so subtly named Evil Corp., a Russian cyber crime group .

According to Sky, Garmin sought to pay the ransom through another company before settling on using Arete IR, “a firm which claims that the links between the WastedLocker ransomware and sanctioned individuals have not been proven.” Arete has reportedly questioned the links between WastedLocker and Evil Corp.

It seems as though Arete’s business was required as Garmin, a US multinational company, cannot make direct payments to entities with links to Evil Corp. following a US Treasury sanction last year.

Garmin made no comment to Sky News when questioned about the story.