WannaCry ransomware attack on LG Electronics

LG Electronics confirmed that WannaCry ransomware was responsible for last week’s infections that took down self-service kiosks.

LG had to shut down systems for two days and also blocked access to the service center in an effort to prevent the spread of infection, ZDNet reports.

Security updates were since made to the affected systems, which leads one to believe the kiosks were not patched as needed to fix the critical SMB vulnerability (see MS17-010) exploited by WannaCry on over 300,000 systems earlier this year.

The file-encrypting malware used a previously leaked NSA vulnerability called EternalBlue.

Trend Micro also warns of a new cryptocurrency miner malware threat that also takes advantage of the EternalBlue SMB vulnerability (MS17-010) by using WMI and EternalBlue to spread filelessly.

First detected in the Asia-Pacific region back in July, the malware is extremely stealthy and persistent.

Leave a Reply

Close Menu