IoT Ransomware is a scaring reality, the threat will increase in the next months and security firms have been warning IT industry. Routers, smart TV, and CCTVs are all potential victims of such category of malware.
The latest incident in order of time involved an LG smart TV, the software engineer Darren Cauthon reported the device of one of his family members was infected with ransomware on Christmas day.
The TV got the ransomware when the programmer’s wife downloaded an app to the TV promising free movies, it was a ransomware demanding of US$500 to unlock the device.
The ransomware appears to be a version of the Cyber.Police ransomware, also known as FLocker and Frantic Locker.
FLocker isn’t a new threat, it has been around for a year and crooks delivered it to the victims via spam SMS campaigns or sharing malicious links.
The FLocker ransomware was first spotted on May 2015, security experts from Trend Micro detected more than 7,000 strains of the same malware. The threat actors behind the FLocker ransomware has updated over the time the threat improving it and making had its detection by security solutions. Over the past few months, the experts observed a number of spikes and drops in the number of iterations released in the wild, in the last wave of infection observed in the mid-April 2016 the researchers detected over 1,200 variants.
— Darren Cauthon (@darrencauthon) 25 dicembre 2016
Darren Cauthon’s LG smart TV runs Google TV, a project discontinued by Google in June 2014.
Currently, LG has moved to WebOS, an open-source Linux kernel-based multitask operating system.
Cauthon tried to reset the TV to factory settings, but the reset procedure available online didn’t work, so he decided to contact the customer service. The man was invited to go to a service center for assistance that implied a $340 bill for the support.
Resuming, the Ransomware asked for $500 to unlock the device, but the sad news is that also LG asks a $340 bit of the support.
The story has a happy ending, LG provided hidden reset instructions to remove the ransomware from the LG Smart TV.
The company offered factory reset steps which are not publicly available.
Below the video shared by The Register:
— Darren Cauthon (@darrencauthon) 29 dicembre 2016
(Security Affairs – LG Smart TV, ransomware)