South Korean multinational LG Electronics have supposedly had their website breached and locked by Maze ransomware operators. No details about this attack have been released as of yet, but the cyber criminals claim to have stolen proprietary information for projects involving big US companies.
LG Electronics has been reportedly hit by a Maze ransomware attack. The report states that Maze ransomware operators claim to have breached and locked LG Electronics’ network. The hackers claim they have stolen proprietary information for projects that involve big US companies and one of them seems to be AT&T. As of now, it is unclear how the Maze ransomware operators hacked into LG’s network and what their demands are. The attackers have shared some screenshots of stolen data from a Python code repository.
Maze ransomware was first discovered in 2019. The goal of this ransomware, according to McAfee’s blog, is to encrypt files on a system blocking access to them and releasing this block when the ransom has been paid or the demands have been met. Its operators can also send the data back to the hackers who can then release the data to the public, or sell it if the ransom is not paid.
As per the report by Bleeping Computer, LG Electronics seems to have been attacked by Maze ransomware. The attackers posted a few screenshots of the data they stole, stating that they were able to steal 40GB of Python code that LG developed for large companies in the US. One of the screenshots shared by the hackers shows a split archive for a .KDZ file which is said to be the official stock firmware code from LG, as per the report. The attack seems to have taken place on or before June 22 as that is when the hackers put out a press release stating that they will soon reveal how LG company’s source code was stolen that belonged to “one very big telecommunications company, working worldwide”.
This telecommunication company they are referring to could be AT&T, an American multinational conglomerate holding company and one of the world’s largest telecommunication companies. The Maze ransomware operators shared three screenshots on their website, one of which shows several files with “xxx_00_ATT_US_OP_xxx” name. This suggests that the firmware was developed for AT&T. The report also states that 41 LG phones and four tablets are listed on AT&T’s support page.
It is unclear how the Maze ransomware operators got access to the data and what their demands are. Gadgets 360 reached out to LG for clarity, and received the following statement as a response: « At LG we take cybersecurity issues very seriously and are looking into this alleged incident. If necessary, we will involve appropriate law enforcement agencies if there is evidence that a crime has been committed but to date, we have not received any communication from anyone regarding this supposed theft. »