Security News To combat torrent traffic, a South Korean ISP deployed a bold strategy: Infecting 600,000 of its own customers with malware

brambedkar59

Level 31
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,097
According to a report from Korean news agency JTBC, users of torrent-based "webhard" services—file storage and transfer platforms that are popular in South Korea—began reporting in 2020 that they were experiencing slow transfers, busted files, and malfunctioning PCs. When one of the webhard providers noticed all the users experiencing issues were KT customers, the company reported the information to Korean law enforcement.


ISPs have waged war against torrent traffic for years. In the US, before those few years where the FCC decided to give things a go without net neutrality (it didn't go well), Comcast earned itself a cease-and-desist in 2008 after throttling BitTorrent transfers. Legal protections and networking advances have seen those efforts subside somewhat in recent years, making it even wilder that Korean police found evidence suggesting that KT was distributing malware to its own customers as punishment for using P2P services.

A follow-up JTBC report describes how, following a search of KT headquarters, it appears that the ISP had formed a team to develop and distribute malware, allegedly "wiretapping" data exchanged between KT subscribers accessing webhard services and interfering with their transfers. While it's difficult to parse out confirmed specifics without any English reporting from JTBC, it seems like KT's explanation for its malware task force is that the team was an attempt to control what it considered "malicious services," and that there were only a few people involved, so who can you even blame, really?

According to the police investigation, the malware squad's operation allegedly followed internal KT discussions about minimizing ongoing networking costs and involved dozens of devices, calling into question just how isolated within the company the operation was. I'm no expert, but if it was me, I'd have maybe tried some IP bans instead?
 

EstrellaRhodes

Level 1
Jun 3, 2024
34
It's hard to believe an ISP would go to such lengths to combat torrent traffic by allegedly distributing malware to their own customers. The whole situation with KT sounds like something out of a spy novel, especially with the reported development of a malware task force within the company. It’s crazy to think about how much they went instead of using more straightforward methods like IP bans. This definitely raises some serious questions about ethics and legality.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top