Maze ransomware operators claim to have breached LG Electronics

Pierluigi Paganini June 25, 2020

Maze ransomware operators claims to have breached the South Korean multinational electronics company LG Electronics.

Researchers at Cyble discovered a data leak of LG Electronics published by Maze ransomware operators.

“As part of our regular darkweb monitoring, our researchers came across the data leak of LG Electronics been published by the Maze ransomware operators. Just after the WorldNet Telecommunications, the LG electronics fall as a victim of the Maze ransomware operators.” reads the post published by Cyble.

LG Electronics is a South Korean multinational electronics company headquartered in Yeouido-dong, Seoul, South Korea. LG Electronics is part of the fourth-largest chaebol (large family-owned business conglomerate) in South Korea (LG Corporation). In 2014 its global sales reached $55.91 billion (₩ 59.04 trillion), LG comprises four business units: Home Entertainment, Mobile Communications, Home Appliances & Air Solutions, and Vehicle Components employing a total of 83,000 people.

The data leak was announced on the Maze ransomware leak site:

As usual, the Maze ransomware operators threaten the victims to pay the ransom to avoid their data being leaked online. A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak.

At the time of publishing this article, the Maze ransomware operators have released three screenshots as proof of the data breach.

“One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” continues Cyble. “While the other screenshot seems to list out the source code of its products, as stated by Maze in their recent press release.”

Recently Maze Ransomware gang breached the US chipmaker MaxLinear and Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions.

Maze ransomware operators are very active in this period, recently they have stolen data from US military contractor Westech and the ST Engineering group, and they have released credit card data stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week.

Previous victims of the ransomware gang include IT services firms Cognizant and Conduent.

Below recommendation published by Cyble:

  • Never share personal information, including financial information over the phone, email or SMSs
  • Use strong passwords and enforce multi-factor authentication where possible
  • Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately
  • Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
  • Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – LG Electronics, Maze ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment