Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tom’s Hardware
Tom’s Hardware
Technology
Jowi Morales

South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders, and disabled PCs

KT Corporation logo on building.

Korean news organization JTBC recently discovered through an in-depth investigation that KT Corporation, one of the largest telecom providers in South Korea, deliberately infected over 600,000 users with malware over their use of torrent services.

The issue began in May 2020 when Webhard, a Korean cloud service provider, was inundated with user complaints of unexplained errors. The company discovered that its Grid Program, which relies on BitTorrent peer-to-peer file sharing, had been compromised. An anonymous representative of Webhard said, “There is a suspicion of a hacking attack on our grid service. It’s very malicious, interfering with it.”

(Image credit: JTBC)

Upon further investigation, the company noted that all affected users had KT as their internet service provider. The representative added, “Only KT users have problems. What the malware does on the user’s PC is to create strange folders or make file invisible. It completely disables the Webhard program itself. In some cases, the PC itself was also disabled because of it, so we reported it.”

Police officials acted on the information and discovered it came from KT’s own data center south of Seoul. The authorities say that KT may have violated South Korean laws, including the Protection of Communications Secrets Act and the Information and Communications Network Act. They’ve since identified and charged 13 individuals, including KT employees and subcontractors directly connected to the malware attack last November, but the investigations continue today.

According to the news report, KT said it directly planted the malware on its customers that use Webhard’s Grid Service, as it was a malicious program and that “it had no choice but to control it.” However, the main problem here wasn’t Webhard’s use of the BitTorrent protocol but the installation of malware on customer computers without consent.

Webhard and KT have fought in the past over the latter’s use of its Grid Service. The former says that it’s saving tens of billions of Korean Won by allowing its users to use peer-to-peer services to store and transfer data instead of storing it on its servers. On the other hand, the massive number of Grid Service users is straining KT’s network, and the two companies went to court to resolve the issue.

The judiciary actually ruled in favor of KT. It said that Webhard didn’t pay KT network usage fees for its peer-to-peer system and didn’t explain to its users how the Grid Service works in detail. Therefore, it wasn’t unreasonable for KT to block Webhard’s network traffic.

(Image credit: JTBC)

But instead of blocking IP addresses, KT nuked Grid Service users with malware. Unfortunately, most of them were individuals, not businesses or corporations, and they had no idea what was going on.

KT’s move to send and install malware on hundreds of thousands of Grid Service users seems like a financial move, as it likely just wanted to stop them from continually using Webhard’s BitTorrent file-sharing service. But whatever KT’s intentions were, this move led to missing files and damage to customer PCs. Its users were more than just inconvenienced; they likely had to deal with computer problems that stemmed from the company’s actions.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.