Let's roll the 3d6 dice on today's security drama: Ah, 15, that's LG allegedly hacked, source code stolen by Maze ransomware gang

Let's roll the 3d6 dice on today's security drama: Ah, 15, that's LG allegedly hacked, source code stolen by Maze ransomware gang

Maze ransomware masterminds claim to have stolen source code from LG after hacking into the electronics giant.


Researchers at security outfit Cyble clocked screenshots of files, apparently swiped from LG's internal network, posted on the malware gang's website, where the miscreants boast about their victims.


"Soon you’ll be able to know how the LG company lost the source code of its products for one very big telecommunications company, working worldwide," the crooks warned in an announcement on their site this week.


Maze's operators not only use their ransomware to scramble file-systems on hacked corporate victims, they also exfiltrate sensitive information, and show a glimpse of that data on their site to prove they mean business. If a victim doesn't pay up, the gang starts publicly leaking the purloined files. This is particularly effective when companies try to opt for the "nuke and pave" recovery approach of reformatting and restoring from backups, if they have them.


It seems the hackers were able to get into computers linked to LG's lgepartner.com domain, based on the screenshots we've seen, and extract at least some of the data stored within. It appears the files related to internet or cellular-connected devices. LG makes a huge range of stuff, from smart fridges to telecommunications gear. Someone could use the leaked source code to hunt for security vulnerabilities in products to exploit.


Ransomware crims to sell off 'scandalous' files swiped from Mariah Carey, Nicki Minaj, Puff Daddy's legal eagles


READ MORE

It is not yet clear how the attackers we ..