South Korean electronics giant LG Electronics has been the latest company to fall prey to ransomware attacks after some of its self-service centers have been hit with malicious code that locks up computer files in exchange for ransom money. According to a new report by The Korea Herald, LG Electronics initially detected an issue with gaining access to the self-service kiosks earlier this week and alerted the Korea Internet & Security Agency that the problem occurred. Kiosk operations were quickly put on hold following the incident, and LG Electronics said it had managed to successfully protect files from being encrypted, which is a typical method of ransomware attackers in order to force their victims to pay for the key to unlock targeted computers.
State-run KISA found that the ransomware used in an attempt to encrypt LG Electronics’ service centers bears a resemblance to the WannaCry ransomware, which caused a major compromise to hundreds of thousands of computers in more than 99 countries over the course of 24 hours this May. The ransomware attack is allegedly an offshoot of the hacking tools supposedly built by the United States National Security Agency that were leaked by hacking collective Shadow Brokers in April of this year. The WannaCry incident compromised computers running the Windows operating system. Hackers reportedly carried out the global attacks using a modified variant of the WannaCry ransomware strain, which security experts say is taking advantage of a certain Windows bug. During the same month, Samsung was reported to have joined forces with the South Korean government in a bid to beef up security for mobile devices following the WannaCry attack, though it remains unknown how the two organizations plan to deal with the issue.
It now appears that some strain of the WannaCry ransomware is still alive despite various efforts to contain the malware, as KISA believes that some of LG Electronics’ self-service kiosks have been targeted by the same malicious code that hit several countries in May. The South Korean security agency added that it needs to conduct further investigation on the incident to identify the root cause of the problem. The good news is that the company has now updated the security system in those kiosks, which have since returned to business as usual.