It has happened again, ransomware infected an LG Smart TV

Pierluigi Paganini January 03, 2017

The software engineer Darren Cauthon reported his LG Smart TV was infected with ransomware on Christmas day, the malware asked for $500 to unlock the device

IoT Ransomware is a scaring reality, the threat will increase in the next months and security firms have been warning IT industry. Routers, smart TV, and CCTVs are all potential victims of such category of malware.

The latest incident in order of time involved an LG smart TV, the software engineer Darren Cauthon reported the device of one of his family members was infected with ransomware on Christmas day.

The TV got the ransomware when the programmer’s wife downloaded an app to the TV promising free movies, it was a ransomware demanding of US$500 to unlock the device.

The ransomware appears to be a version of the Cyber.Police ransomware, also known as FLocker and Frantic Locker.

LG Smart TV ransomware

FLocker isn’t a new threat, it has been around for a year and crooks delivered it to the victims via spam SMS campaigns or sharing malicious links.

The FLocker ransomware was first spotted on May 2015, security experts from Trend Micro detected more than 7,000 strains of the same malware. The threat actors behind the FLocker ransomware has updated over the time the threat improving it and making had its detection by security solutions. Over the past few months, the experts observed a number of spikes and drops in the number of iterations released in the wild, in the last wave of infection observed in the mid-April 2016 the researchers detected over 1,200 variants.

Family member’s tv is bricked by Android malware. #lg wont disclose factory reset. Avoid these “smart tvs” like the plague. pic.twitter.com/kNz9T1kA0p

— Darren Cauthon (@darrencauthon) 25 dicembre 2016

Darren Cauthon’s LG smart TV runs Google TV, a project discontinued by Google in June 2014.

Currently, LG has moved to WebOS, an open-source Linux kernel-based multitask operating system.

Cauthon tried to reset the TV to factory settings, but the reset procedure available online didn’t work, so he decided to contact the customer service. The man was invited to go to a service center for assistance that implied a $340 bill for the support.

Resuming, the Ransomware asked for $500 to unlock the device, but the sad news is that also LG asks a $340 bit of the support.

The story has a happy ending, LG provided hidden reset instructions to remove the ransomware from the LG Smart TV.

The company offered factory reset steps which are not publicly available.

Below the video shared by The Register:

“With the TV powered off, place one finger on the settings symbol then another finger on the channel down symbol. Remove finger from settings, then from channel down, and navigate using volume keys to the wipe data/ factory reset option.” states the The Register.

The TV is saved! Thanks to LG for providing the factory reset instructions. I recorded a YouTube video of the fix: https://t.co/6v7pYzbzqS pic.twitter.com/hV62r68uit

— Darren Cauthon (@darrencauthon) 29 dicembre 2016

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – LG Smart TV, ransomware)

Cybercrime IoT LG Smart TV malware Pierluigi Paganini ransomare Security Affairs

Pierluigi Paganini June 23, 2025

McLaren Health Care data breach impacted over 743,000 people

Pierluigi Paganini June 23, 2025