Ransomware Flaker on Smart TV: Threat of cyber espionage

Initially intended for smartphones, FLocker now also accesses Smart TV devices

Extortionists have found another way into your home. Security experts have long warned that it is only a matter of time before cyber criminals attack Smart TV devices. Now the Ransomware Flaker has hit.

We will tell you what has happened, how the attack takes place, and whether we should all be afraid of this Smart TV virus.

The fact that cyber criminals now attack smartphones, tablets and desktops, is no longer a secret. We have reported previously in our blog about other viruses such as Locky. For the first time, now TV’s connected to the internet can also be infected.

Ransomware after app installation

How it works: The victim’s Smart TV has been infected with a version of “Cyber.Police” – Ransomware, aka Flaker. 500 dollars is demanded from the victim to lift the lock on his television, which he could choose to pay. Or he can turn to the manufacturer who can start the device again. The victim had previously installed an app to watch movies. It turned out that this was a program for illegal streaming that came from a non-secure source. In addition, an important factor: the victim has a device that is equipped with a Google TV operating system, which is no longer supported since 2014. With a current software version, the Ransomware would not have reached the TV, since the corresponding security leak was already plugged some time ago.

FLocker developed for Android

Originally the virus which is called Frantic Locker (FLocker or Flaker) was developed for Android smartphones. FLocker can also attack Smart TV devices, which are equipped with the Android operating system. These include the many TVs from Philips, Sharp and Sony. If you have an internet-enabled television of these brands and visited a damaged website, the Trojan can install itself on the TV and activate a screen. This allegedly shows a message from a US law enforcement agency.

The screen displays criminal offences and threatens prosecution. In order to escape this, a penalty payment has to be made. Especially common is that the Ransomware shows personal data, telephone numbers and also photos, which you have previously watched on the TV. The countdown is intended to build additional pressure and move the victim to pay.

FLocker calls for cash payment

Of course, the ransomware asks for money to unlock the device. But you should not pay under any circumstances. If you do, the blackmailer will know that their trap is working. It is not certain whether the suspension will be lifted after the payment has been made. Also the criminals now know that you are compliant, which could lead to further blackmail attempts.  In addition, the Trojan is remote-controlled so that additional functions or instructions can be reloaded and executed on the infected device. To remove this pest you should approach the TV manufacturer as soon as possible, who can then unlock the TV.

Tips for safe handling of your Smart TV

Basically you should always be aware of the (latent) danger that your Smart TV establishes, when an Internet connection is made. The connection is always active, for example, if your service uses Netflix or your regular TV program via the network instead of via satellite dish or cable. Likewise, modern game consoles, such as PlayStation, connect to the Word Wide Web as soon as you play against other users, visit the store, etc. Important tips and hints for using Smart TV devices are:

  • The firmware of your Smart TV should always contain a current firmware, as known security gaps are closed by the manufacturers during updates.
  • With your Smart TV you should not play movies from unknown sources
  • Never click on unknown links. Attackers could find a way into your TV.
  • Apps only from the official stores should be downloaded.
  • Anyone who is afraid of secret espionage using the Smart TV camera should cover it. Then you can not be seen.