Ransomware Hits LG Smart TV Underscoring Dangers of IoT Flaws
A smart TV gets infected by ransomware over the holidays—the latest example highlighting the potential security vulnerabilities in these consumer products and other internet of things devices.Programmer Darren Cauthon learned the hard way that the makers of smart TVs—devices that are connected to the Internet and can run apps—may not be making the smartest decisions when it comes to security. Over the holidays, a member of the programmer’s family—later reported to be his wife — downloaded an app for watching free movies to the TV. Minutes later, the television showed a notice claiming to be from the FBI, demanding $500. In all other ways, the device was unresponsive. The screenshot appeared to indicate that the smart TV had been infected by a ransomware variant known as Cyber.Police, FLocker, Frantic Locker, or Dogspectus. “Family member's tv is bricked by Android malware. #lg won't disclose factory reset,” Cauthon tweeted. “Avoid these ‘smart tvs’ like the plague.” The incident underscores the dangers that malware can pose to Internet connected devices. Over the past six months, a variety of malware—the most infamous being Mirai—has targeted Internet of Things (IoT) devices, such as smart TVs. In those cases, the malware took control of the devices and used them in a denial-of-service attack.
However, the ransomware attack did not target the smart TV, but took advantage of its common operating system—a variant of the Android OS—to infect the system. Usually a system reset would clean the malware from the system, but LG did not publish the details of how to reset their devices.