Darren Cauthon, a software developer, got a Christmas present this year he didn’t ask for and didn’t want.
On Christmas day, his family downloaded and installed an app on their Android-based LG Smart TV and wound up getting a ransomware infection. He took a photo of his TV screen and published it as proof. It is the first known instance of ransomware infecting a television set “in the wild,” but it certainly won’t be the last.
In 2015, security researcher Candid Wueest proved that it was theoretically possible by infecting her own smart TV as a demonstration, but it didn’t get a lot of attention. Needless to say, it’s getting more attention now. What’s worse is the fact that it’s fairly difficult to remove. Attempting to restore the device to factory default settings was ineffective.
When Cauthon called LG’s tech support, they promised they’d send a tech out for $350, which wasn’t much of a savings, since the hackers were only asking for $500 to unlock the set. In the end, Cauthon found the solution, but it involved a lot of hoop jumping.
Working with LG’s tech support on the phone, he was able to put the TV into recovery mode, which allowed the data to be manually wiped, which is a long, painful process that amounts to a more thorough factory reset.
While this was (eventually) successful, it should be noted that Cauthon’s software development background gave him a significant leg up where dealing with this issue was concerned, and even for him, it was a tortuous process that took several hours. The average user would have essentially no chance of success, and be left with few options other than simply paying the ransom and hoping the hackers were true to their word.
It’s an interesting case that highlights just how vulnerable our “smart” devices are, and the potential complications that can arise from our increasing reliance on them.