U.S. Markets closed

Ransomware Ruins Holiday By Hijacking Family's LG Smart TV on Christmas Day

AJ Dellinger
A software engineer found his family's LG TV running Google TV compromised by ransomware on Christmas day. The virus demanded a $500 fee be paid before unlocking the TV.

Typically when we think of people who ruin the holidays, it’s characters like the Grinch or Ebenezer Scrooge. For one unfortunate family, it was a hacker who put a damper on the season by infecting a television with ransomware.

Software engineer Darren Cauthon shared the incident one of his family members ran into on Christmas day when they found their LG smart TV to have been hijacked by a malicious virus that held the display hostage.

Technical support site Bleeping Computer identified the infection as a version of Cyber.Police ransomware —otherwise known as FLocker, Frantic Locker or Dogspectus.

The relatively common permutation of an Android virus presents itself as coming from a law enforcement agency and requests users pay a fine to regain access to their device.

In Cauthon’s case, the message appeared as a full screen letter that purported to come from the Federal Bureau of Investigation. The message claims a scan by the bureau discovered suspicious files on the device and demands a $500 fine be paid to unlock the device and return it to a usable stage.

The ransomware was acquired on the TV after the family downloaded an app to watch a movie, though it’s not clear if it was downloaded from the Google Play Store or a third-party app service.

The TV from LG was one of several models the company sold that ran Google TV, a now-defunct smart TV operating system built by Google. The short-lived TV operating system used Google’s Android operating system to create an overlay that provided access to apps and web browsing features on the equipped TV.

A spokesperson for LG initially pointed out to IBTimes that LG smart TVs run WebOS, an open-source Linux-based operating system. The company did switch to WebOS but the model in question in the ransomware case, the now discontinued LG 50GA6400, can be found on LG’s site and is advertised as coming with Google TV.

“LG sold a few Google TV models three or four years ago, but we’ve never heard of any issues like this before,” an LG spokesperson told IBTimes. “Unlike LG’s own smart TV platform, WebOS, where we are responsible for the user interface, Google owns full operation of the Google TV platform and the relationship with the user. Hate to pass the buck on this one, but this does not appear to be an LG issue. The responsibility would seem to belong to Google.”

According to Cauthon, he attempted to perform a factory reset on the device but couldn’t find information as to how complete the process online. When he tried to take the device in for LG’s technicians to solve, they reportedly required a $340 payment—just slightly less than the ransom cost itself.

LG has since disclosed a set of instructions to perform a factory reset according to Cauthon, which he hopes will override the ransomware and return the TV to its factory default state.

Google did not respond to request for comment.

Related Articles