A South Korean ISP is at the center of controversy for apparently having intentionally distributed malware to its customers
June 27, 2024, 9:00 p.m.
Updated June 27, 2024, 9:04 p.m.
If one day our computer were to become infected with malware, the last thing we would think about would be to blame our computer directly. internet service provider (IPS). We could have fallen into traps of phishing to download malicious software or even have connected a compromised USB drive. In an Asian country, however, some users have at least one reason to think very differently than we do.
South Korea’s largest ISP is embroiled in a controversy that has caused quite a stir. The Public reports that KT is being investigated by law enforcement authorities for allegedly planting malware on thousands of its customers’ computers. This alleged move, which is as irrational as it is dangerous, is said to have been motivated by an old feud between the company and P2P file-sharing services that drain its resources.
KT, in the eye of the hurricane
About four years ago, explains the aforementioned local media, a huge number of KT customers stopped being able to use protocols such as BitTorrent which allow content to be shared in a decentralized manner, that is, without being hosted on a company’s servers. Along with this limitation, affected users also detected strange behavior on their computers, such as folders they had not created and operating system crashes.
The flood of complaints from KT customers eventually turned into a lawsuit. In 2020, an investigation was launched by the Gyeonggi Nambu Police Agency’s Cyber Investigation Team. As reported by JTBC, reports suggested that the malware originated in the Bundang IDC Center, a data center owned by the telecommunications company located south of Seoul, prompting the police to seize part of its infrastructure.
The case has been escalating since then. Authorities have intensified the investigation and summoned dozens of KT employees and contractors on suspicion of violating the Communications Secrets Protection Act and the country’s Information and Communications Networks Law. The Suwon District Prosecutor’s Office, for its part, has requested the start of a complementary investigation by the police, which is what has just been launched.
KT is said to have intercepted data packets from its customers, then analysed them and took measures to limit their ability to use P2P services. From this, they developed a malicious program that they easily distributed thanks to their role as an Internet service provider. The company, Hankook explains, has denied the accusations, although on more than one occasion it has said that it has carried out “legitimate traffic management”.
We will have to wait to know the outcome of this case which, if true, would put the ISP in a very compromising situation. But, as we pointed out at the beginning, the contest between KT and P2P services is not really new. The company attempted to block decentralized file-sharing protocols at the network level (not with malware) in 2015, which led to a legal battle. In 2019, the court considered that KT had acted legitimately.
Images | KT | Ed Hardie
In Xataka | Dangerous malware left more than 600,000 routers unusable in just 72 hours: experts have many questions
