Cybercriminals that specialize in ransomware, which affects thousands of computers and mobile devices every year, are ramping up their attacks against businesses. It is here that they can get their hands on valuable information and large sums of cash. This particular kind of malware, which hijacks devices and demands a ransom for their return, has managed to conquer another kind of technology: smart TVs.
Last December, the American developer Darren Cauthon announced on Twitter that a family member’s television had fallen victim to one of these attacks. As Cauthon explained, it all came about after the victim had installed an app to watch movies on the Internet, apparently from a third-party website.
The television in question was an LG model that came out in 2014 that is compatible with Google TV, a version of Android tailored to televisions. Once it had infiltrated the device, the malicious software demanded a ransom of $500 dollars to unlock the screen, which simulated a warning from the Department of Justice.
— Darren Cauthon (@darrencauthon) December 25, 2016
The appearance of the false message would lead you to believe that it’s a version of the ransomware known as Cyber.police, also known as FLocker. Ordinarily this ransomware affects smartphones with Google’s operating system. After hijacking the device, the malware collects information from the user and the system, including contact information and the location of the device, to be sent encrypted to cybercriminals.
To avoid paying the ransom, Cauthon unsuccessfully attempted to restore the television set to factory values, but eventually had to resort to the manufacturer’s own services to return it to a state prior to the installation of the malware. Although his relative managed to regain control of the machine without paying any sum to the criminals, he did end up having to pay the manufacturer $340 for the service, not much less than the ransom itself.
The Cauthon case has not caught security experts by surprise, given that last summer a team of researchers had warned of FLocker’s activity on smart TVs. In addition to the United States, ransomware attacks have been reported on smart TVs in Japan.
LG’s post-2014 model are no longer compatible with Google TV, but rather use WebOS, an open source operating system based on Linux. However, new attacks should not be ruled out, as cybercriminals continually refine their tools, which are increasingly focused on infecting Internet of Things devices at business and in the household.