Software Integrity

 

Yes, Virginia, smart televisions can get ransomware

Over the holidays, a software engineer disclosed to Twitter that a family member had contracted ransomware on their smart TV.

Software engineer Darren Cauthon said his wife had downloaded an app and was in the process of watching a movie when the TV froze. He rebooted the TV except when the image came up, it was a sideways notice ostensibly from the FBI. The message on the screen read:

DEPARTMENT OF JUSTICE
FEDERAL BUREAU OF INVESTIGATION
FBI HEADQUARTERS
WASHINGTON DC DEPARTMENT, USA
AS A RESULT OF FULL SCANNING OF YOUR DEVICE, SOME SUSPICIOUS FILES HAVE BEEN FOUND AND YOUR ATTENDANCE OF THE FORBIDDEN PORNOGRAPHIC SITES HAS BEEN FIXED. FOR THIS REASON YOUR DEVICE HAS BEEN LOCKED.
INFORMATION ON YOUR LOCATION AND SNAPSHOTS CONTAINING YOUR FACE HAVE BEEN UPLOADED ON THE FBI CYBER CRIME DEPARTMENT’S DATACENTER.

Cauthon took to Twitter with the news.

Family member’s tv is bricked by Android malware. #lg wont disclose factory reset. Avoid these “smart tvs” like the plague. pic.twitter.com/kNz9T1kA0p
— Darren Cauthon (@darrencauthon) December 25, 2016
https://twitter.com/darrencauthon/status/813096722989809665

LG’s TVs usually run WebOS however some older models do use the Google TV, which has since been discontinued. It is possible that Cauthon’s wife may have searched Google Play for the app (which he still hasn’t disclosed) and downloaded the Flocker Ransomware instead.

Cauthon asked LG for the reset process. Initially the company said no, and that he’d have to bring the TV in for a $300 repair. Given it was an older TV that didn’t make much sense, Cauthon said. Eventually LG did give him the reset process, which according to the Register is:

“With the TV powered off, place one finger on the settings symbol then another finger on the channel down symbol. Remove finger from settings, then from channel down, and navigate using volume keys to the wipe data/ factory reset option.”

Initially the story seemed dubious, however notable security researchers such as Graham Cluley have weighed in. “Given ransomware’s ongoing evolution, I doubt we have heard the last of crypto-malware infecting smart TVs. Should your TV ever experience an infection, follow Cauthon’s example and contact the manufacturer for help. In the meantime, make sure you’re careful about what apps you download onto your TV set.”