WannaCry is causing havoc yet again, with LG its latest victim.
The WannaCry malware dominated headlines earlier this summer, as it infected more than 300,000 Windows systems and disabled numerous networks.
It had the potential to wreak havoc and expose the data of thousands of private citizens and organisations, but was thwarted almost accidentally last May by Devon infosec expert Marcus Hutchins.
At the time, Hutchins warned that the story of WannaCry was not close to an end. “This is not over. The attackers will realise how we stopped it, they’ll change the code and then they’ll start again. Enable Windows Update, update and then reboot.”
Microsoft released an emergency patch to help protect computers running Windows XP, despite the company ceasing support for the now-ancient OS in 2014, Wired reported at the time.
WannaCry detected in South Korea
According to ZDNet, the ransomware identified as WannaCry was detected on 14 August on an LG self-service kiosk in South Korea. An LG spokesperson confirmed to ZDNet that the malicious code found “was known as WannaCry”.
The access at the service centre was immediately blocked, and the company stated that no data had been lost and no ransom was paid. The Korean Internet and Security Agency is currently working with LG to determine how WannaCry managed to infect the network.
LG stated that all unmanned terminals infected with the ransomware were working as normal after two days, and “all security updates of the unmanned reception terminals that had been infected with malicious code have been completed”.
On 2 August, a Twitter bot created by journalist Keith Collins found that the original WannaCry attackers had withdrawn more than $140,000 worth of bitcoin from their virtual wallets, with Symantec saying it was likely that North Korean hackers were responsible.
— Keith Collins (@collinskeith) August 3, 2017
A warning to those neglecting cybersecurity measures
Given the scale of the attack earlier this year, and the amount of large corporations and public organisations that were affected, the spoils were relatively small.
If anything, this incident should serve as a warning to organisations and individuals alike to install critical cybersecurity updates as soon as they become available.