Looks like cybercriminals are starting to hit people where it really hurts: Blocking their bingeing on Netflix, and watching sports and an array of niche TV shows from the dark recesses of the cable network world. Smart TVs, in other words.
Japan alone has reported more than 300 ransomware attacks on smart TVs this year, marking a sharp increase in cyberattacks targeting internet of things (IoT) appliances, according to Trend Micro. Typically, the affected TVs will be locked, and a ransom message pops up asking for 10,000 yen (around $100) to be paid within 72 hours.
Over the summer Trend Micro discovered that an Android mobile lock-screen ransomware, known as “FLocker,” (short for “frantic locker”) is capable of locking smart TVs as well. That variant of FLocker is a police Trojan that pretends to be US Cyber Police or another law enforcement agency. It accuses potential victims of crimes they didn’t commit. Then, it demands a ransom (initially, it was asking for $200 worth of iTunes gift cards).
“Based on our analysis, there are no major differences between a FLocker variant that can infect a mobile device and one that affects smart TVs,” the firm said.
FLocker was the ransomware that hit software engineer Darren Cauthon over the holidays this year in a widely reported incident. An LG smart TV belonging to a family member was locked on Christmas day.
"They [the relatives] said they downloaded an app to watch a movie,” he tweeted. “Halfway thru movie, tv froze. Now boots to this."
He said that he tried to reset the TV to factory settings, but the reset procedure available online didn't work. He then contacted LG, which advised him to visit a service center; the technicians were able to unlock his TV, but charged him $340 for the privilege.
"Avoid these 'smart tvs' like the plague," Cauthon tweeted, following his discussion with the TV maker.
"The steady rise and rapid pervasiveness of ransomware has now hit home – literally,” Aaron Higbee, CTO and co-founder of PhishMe, told Infosecurity. “Ransomware capabilities have expanded to infect Android powered consumer household devices and mandates a change to the way we think about cybersecurity. Malicious software is growing in complexity and is expanding capabilities beyond PCs.”
Mitigation for this is simple: Be careful about which apps are installed. In this case, the TV ran on Google TV, an outdated operating system that nonetheless still powers millions of smart-TVs out in the field. Users with such TVs should only download apps from the official Google Play Store, not from a third-party source.
“While automated IT security technology does catch many attacks, the human is the truly last line of defense and must be ready to intercept these attacks once they've passed through layers of technology,” Higbee said. “It's more important than ever that people are conditioned into recognizing cyberattacks and have a way to report suspect activity. This is the only way to truly prevent hackers from completely shutting down critical systems and holding hostage access to everyday necessities, not to mention blocking access to our favorite television shows."
Photo © dennizn