{
	"id": "e6028b26-1c39-419c-906a-bf32441bab35",
	"created_at": "2026-04-06T03:37:40.161717Z",
	"updated_at": "2026-04-10T03:20:49.397159Z",
	"deleted_at": null,
	"sha1_hash": "0e15874fe7459eab87e430770f8dcb24b0b4e8e7",
	"title": "LG Electronics allegedly hit by Maze ransomware attack",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1374757,
	"plain_text": "LG Electronics allegedly hit by Maze ransomware attack\r\nBy Ionut Ilascu\r\nPublished: 2020-06-25 · Archived: 2026-04-06 02:57:31 UTC\r\nMaze ransomware operators have claimed on their website that they breached and locked the network of the South Korean\r\nmultinational LG Electronics.\r\nThe details of the attack have not been released but the hackers stated that they have stolen from the company proprietary\r\ninformation for projects that involve big U.S. Companies.\r\nProprietary code stolen\r\nThis ransomware operator, like many others, publishes information on their victims when their ransom demands are not\r\naccepted or contact with the breached entity halts.\r\nhttps://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nIn a \"press release\" posted their data leak site on Monday, the threat actors announced that they would provide information\r\non an alleged LG Electronics breach and the source code they stole.\r\nYesterday, Maze told BleepingComputer that they had breached LG electronics and stole 40GB of source code from the\r\nmanufacturer.\r\n\"Also, we would like to announce that in case of not contacting us today we will share information about attack on Lg. We\r\ndownloaded 40GB of Python source codes from Lg. Developments for a biggest companies in US, we will share part of\r\nsource code on Lg later\" - Maze ransomware\r\nWhen asked how many devices were encrypted, the Maze operators told BleepingComputer that this \"information currently\r\nis private and will be provided only to Lg negotiators.\"\r\nIn a new entry on their data leak site today, though, they published alleged proofs of their attack on LG.\r\nThis includes a screenshot of a file listing from a Python code repository.\r\nAnother screenshot published by Maze shows a split archive for a .KDZ file, which is the format for official stock firmware\r\ncode from LG.\r\nIt appears from the image below that the firmware was developed for AT\u0026T. The mobile carrier currently lists 41 phones\r\nand four tablets from LG on its device support page.\r\nhttps://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/\r\nPage 3 of 5\n\nA third screenshot from the attackers shows a snippet of Python code for an email forwarding project.\r\nThis source code indicates that the owner is from the domain lgepartner.com, which is owned by LG Electronics.\r\nSince yesterday morning, BleepingComputer has reached out to multiple LG Electronics email addresses with a request to\r\ncomment on this alleged attack but the company had not answered by publishing time.\r\nWhen sending an email to one email address listed publicly for general media inquiries and corporate communications we\r\nreceived an automated reply informing that the message could be delivered because the user does not exist.\r\nhttps://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/\r\nPage 4 of 5\n\nThere is no information on how Maze was able to breach LG Electronics’ network but initial access methods used by the\r\nactor include connecting via an exposed remote desktop connection and pivoting to valuable hosts via compromised Domain\r\nAdministrator accounts.\r\nSome companies that fell victim to a Maze ransomware attack also had vulnerable systems reachable over the public\r\ninternet.\r\nRegardless of how they got in, Maze has made a reputation of publishing stolen files if they don’t reach an agreement with\r\ntheir victims for a ransom payment.\r\nUpdate [June 25, 08:56 EDT]: Article updated with quote from Maze ransomware operators.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/\r\nhttps://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/"
	],
	"report_names": [
		"lg-electronics-allegedly-hit-by-maze-ransomware-attack"
	],
	"threat_actors": [],
	"ts_created_at": 1775446660,
	"ts_updated_at": 1775791249,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0e15874fe7459eab87e430770f8dcb24b0b4e8e7.pdf",
		"text": "https://archive.orkl.eu/0e15874fe7459eab87e430770f8dcb24b0b4e8e7.txt",
		"img": "https://archive.orkl.eu/0e15874fe7459eab87e430770f8dcb24b0b4e8e7.jpg"
	}
}