South Korean technology giant LG has been hit with a ransomware attack that could signal the beginning of a new outbreak of the WannaCry virus that crippled hundreds of thousands of computers across the globe in May.
Online security experts have warned that malware that infected kiosks in the company’s service centres was built on code “identical” to that which WannaCry was based on.
LG discovered the ransomware infection on Monday, and alerted the state-run Korea Internet & Security Agency (Kisa) after shutting the kiosks down to prevent the spread of the infection.
The company said the kiosks were reactivated after the application of a security update that provided protection from these types of ransomware attacks.
A Kisa representative said that while the virus that infected the kiosks was found to be based on the same malicious code as WannaCry, more investigation was required to establish the source of the malware.
“The problem was found to be caused by ransomware,” a spokesperson for LG said:
“There was no damage such as data encryption or asking for money, as we immediately shut down the service centre network.”
Separately, workers at Indian firm Rachna Sagar Private Limited were locked out of around 200 computers earlier this month in what is suspected to have been Delhi’s first WannaCry attack.
Staff at the publishing company found they were unable to log into their accounts and that their files had been encrypted by the malware.
In the aftermath of the original WannaCry outbreak, which is said to have affected more than 300,000 devices in some 150 countries, various state law enforcement agencies and a number of online security firms suggested the virus most likely originated from North Korea.
Both the US National Security Agency (NSA) and the UK’s National Cyber Security Centre, along with experts from anti-virus firms Symantec and Kaspersky, said they had found evidence that the ransomware was built by hackers linked to Pyongyang’s shadowy Reconnaissance General Bureau (RGB), North Korea’s spy agency.
In an interview with the Reuters news agency, Kim Heung-kwang, a North Korean computer professor who defected from the isolated nation in 2004, said he suspected the attack had been orchestrated by Unit 180, a secretive RGB cell.
It was reported earlier this month that the cyber scammers behind the WannaCry virus had withdrawn Bitcoins worth an estimated $140,000 (€119,000) from three digital wallets the program told victims to pay ransoms into.
The hackers waited nearly three months to withdraw the digital cash, in a move that investigators hoped would bring them closer to the criminals behind the outbreak, which crippled the UK’s National Health Service and hit numerous blue chip corporations such as Spanish communications giant Telefonica and French carmaker Renault.