LG service centers in S.Korea Possibly Hit By WannaCry ransomware

LG service centers in S.Korea Possibly Hit By WannaCry ransomware

LG Electronics’ service centers have been targeted by cyber criminals leading to ransomware infecting of its self-service kiosks and blocking it from functioning Monday morning.

The electronic giant informed about the situation to South Korea‘s government owned cyber security agency KISA (Korea Internet & Security Agency) who was able to tackle the situation as the infection was in its initial phases.

In a statement to Korea Herald, spokesperson for LG said that “The problem was found to be caused by ransomware. There was no damage such as data encryption or asking for money, as we immediately shut down the service center network.”

KISA, on the other hand, said there is a possibility that WannaCry ransomware infected the kiosks. However, it’s unclear how the infection took place; whether someone deliberately installed the malicious software on the devices or someone at the backend of the system was tricked into installing the ransomware.

Image shows WannaCry ransomware infecting computers at a police station in China back in May.

“We found that samples of the malicious code (found in LG’s kiosks) were identical to the WannaCry ransomware attack. More investigation is still needed to determine the exact cause,” KISA said.

Ransomware is a malicious software which encrypts files on the targeted device and asks for ransom in Bitcoins. The WannaCry ransomware attack was the most sophisticated and successful campaign conducted by cyber criminals.

It should come as no surprise that after months have passed, WannaCry is still targeting unsuspected users around the world. In May 2017, WannaCry spread to 150 countries and targeted over 200,000 outdated Windows based devices by exploiting a critical vulnerability in Windows’s SMB protocol.

Last time we heard about WannaCry infection was when it locked computer system of Honda plant in Japan and Traffic cameras in Australia. But based on these infections, one can recognize a patron where the ransomware seems to have moved from European region to the other side of the world.

At the time of publishing this article, all the kiosks were operating normally.

Total
1
Shares
Related Posts