K.T. a major Internet service provider (ISP) in South Korea, would have installed malware on the computers of more than 600,000 of its subscribers without their consent, with the aim of interrupting the use of BitTorrent a service with a lot of traffic.
[Bonus] KT, How to use the app? Tips for downloading 'audio code' on PC | JTBC Monthly News
https://mnews.jtbc.co.kr/News/Article.aspx?news_id=NB12201880
South Korean ISP 'infected' torrent subscribers with malware * TorrentFreak
https://torrentfreak.com/south-korean-isp-infected-torrenting-subscribers-with-malware-240625/
South Korean telecommunications company attacks torrent users with malware: more than 600,000 customers report missing files, strange folders and disabled PCs | Tom Hardware
https://www.tomshardware.com/tech-industry/cyber-security/south-korean-telecom-company-attacks-torrent-users-with-malware-over-600000-people-report-missing-files-strange- folders-and-pcs-disabled
BitTorrent is a peer to peer (P2P) file-sharing system, and BitTorrent was once said to account for one-third of Internet traffic. In recent years, it has not been used as widely as before, but in some countries, such as South Korea, where file sharing is active, the load on networks caused by BitTorrent remains a source of concern for ISPs.
Among Korean BitTorrent users, the paid BitTorrent support service provided by the cloud storage service' webhard ' It is very popular. According to a report by the Korean television station. JTBC KT, one of the largest ISPs in Korea with more than 16 million subscribers, has infected its subscribers' computers with malware to disrupt the use of Webhard.
According to JTBC, in May 2020, Webhard users were inundated with complaints about "unexplained errors." Users not only reported slower file downloads, but also their grid-based Webhard service going offline or experiencing unexplained errors.
Further investigation revealed that all users who experienced the unknown error were using KT as their ISP. A Webhard representative said: 'Only KT users experience this problem. The malware creates strange folders on the PC and makes the files invisible, disabling the Webhard program completely. In some cases, the PC itself became unusable, so we made the problem public.'
Law enforcement authorities investigated the information and discovered that the malware attack originated from KT's own data center south of Seoul. Authorities say KT may have violated the Communications Secrecy Protection Act and the Information and Communications Networks Act, and in November 2023, 13 people, including KT employees and subcontractors, were charged for their involvement in the malware attack, but the investigation continues. still in progress.
Police investigating the case believe it was a coordinated attack. According to a report by JTBC, KT's dedicated team consisted of a malware development department, a distribution and operations department, and an eavesdropping department that examined data sent and received by KT users in real time.
The exact reason KT distributed the malware is unclear, but police say they believe there were internal discussions at KT about network-related costs and that the reduction in financial costs associated with using Webhard was likely the reason. reason.
