Maze ransomware masterminds claim to have stolen source code from LG after hacking into the electronics giant.
Researchers at security outfit Cyble clocked screenshots of files, apparently swiped from LG’s internal network, posted on the malware gang’s website, where the miscreants boast about their victims.
“Soon you’ll be able to know how the LG company lost the source code of its products for one very big telecommunications company, working worldwide,” the crooks warned in an announcement on their site this week.
Maze’s operators not only use their ransomware to scramble file-systems on hacked corporate victims, they also exfiltrate sensitive information, and show a glimpse of that data on their site to prove they mean business. If a victim doesn’t pay up, the gang starts publicly leaking the purloined files. This is particularly effective when companies try to opt for the “nuke and pave” recovery approach of reformatting and restoring from backups, if they have them.
It seems the hackers were able to get into computers linked to LG’s lgepartner.com domain, based on the screenshots we’ve seen, and extract at least some of the data stored within. It appears the files related to internet or cellular-connected devices. LG makes a huge range of stuff, from smart fridges to telecommunications gear. Someone could use the leaked source code to hunt for security vulnerabilities in products to exploit.
Ransomware crims to sell off ‘scandalous’ files swiped from Mariah Carey, Nicki Minaj, Puff Daddy’s legal eagles
It is not yet clear how the attackers were able to get into the corporate network nor which systems and source code may have been on it.
“As per now, the ransomware operators have only released three screenshots as proof of the data breach,” Cyble noted. “One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently. While the other screenshot seems to list out the source code of its products.”
LG, meanwhile, seems to be in the early stages of its response.
“At LG, we take cybersecurity issues very seriously,” a spokesperson told The Register. “We are looking into this alleged incident and will involve appropriate law enforcement agencies if there is evidence that a crime has been committed.” ®
Sponsored: Webcast: Ransomware has gone nuclear
READ MORE HERE