KT Under Investigation for Distributing Malicious Software to Subscribers

Apps & Games / Microsoft Malicious Software Removal Tool / Desktop / Windows / News Microsoft Malicious Software Removal Tool for Desktop Windows / KT Under Investigation for Distributing Malicious Software to Subscribers
20 Jul 2024

Internet service provider Korea Telecom, now known simply as KT, has been caught infiltrating hundreds of thousands of its subscribers' computers. According to TorrentFreak, KT installed malicious software on the PCs of clients who preferred downloading files via torrents. This software could block torrent traffic, disrupt torrent clients, and monitor users.

Investigations revealed that KT had been implanting this dangerous software on subscribers' PCs for several years. There’s a clear understanding of why they targeted torrent enthusiasts specifically. In the past, such services created significant load on networks when bandwidth was not as extensive as it is now, and streaming services were non-existent. Providers sought various ways to limit torrent traffic (Russian mobile operators still do this) to avoid overloading their communication channels. It remains to be hoped that providers in other countries do not follow KT's example.

Currently, TorrentFreak reports that torrent network traffic occupies a minimal portion of overall data flow. However, in South Korea, as in Russia, torrents remain very popular, and KT continues its battle against torrent users.

The Judge Might Have Erred

KT distributed malicious software exclusively among torrent users, seemingly to block the corresponding traffic. The duration of this practice is unclear, but in 2020, the provider was already sued for forcibly blocking torrents. At that time, there was no information about the covert installation of blocking malware, and KT won all legal battles, explaining that it restricted torrent traffic to reduce infrastructure costs.

In Korea, torrent enthusiasts prefer local file-sharing services like Webhard (also known as Web Hard Drive), which have their own applications. In 2020, users of such services began reporting application failures and error messages. An investigation initiated by the police and concluded with KT's court victory was continued by the Korean news agency JBTC. Journalists discovered that all the errors and crashes of applications like Webhard, which users complained about, were caused by the malicious software that KT actively installed on its subscribers' computers.

These journalists also estimated the number of affected individuals to be around 600,000. It is possible that the actual number is significantly higher, as KT is a very large provider with a subscriber base of about 16 million people across South Korea – roughly a third of the country's population as of 2024.

Police Are Taking It Seriously

Investigators who handled the case against KT in 2020, having received new evidence of the provider's guilt, now classify its actions as an organized attempt to hack user equipment. The police believe that KT had a dedicated team responsible for spreading malicious software, which not only blocked torrent traffic but also monitored everything users did online.

"The team consisted of a 'malware development' section, a 'distribution and exploitation' section, and a 'surveillance' section that monitored data sent and received by KT subscribers in real-time," states the JBTC report.

The investigation is still ongoing, but the police have already identified more than 10 potential suspects – their details have been sent to the prosecutor's office. These include employees of both the provider and external companies partnering with KT.

Searches were also conducted at KT's headquarters and data center, with some property confiscated. Investigators believe that the provider violated at least two South Korean laws – the Communications Privacy Protection Act and the Information and Communications Network Act.

KT representatives have yet to comment on the new accusations against the provider.

How to find malicious software on your Mac?

Finding malicious software on a Mac involves several steps. You can start by using the built-in macOS tool, 'Activity Monitor,' to look for suspicious processes. Next, check 'Login Items' in System Preferences for unfamiliar startup programs. Additionally, use reliable antivirus or anti-malware software to scan your system. Look for unknown applications in the 'Applications' folder and unusual network activity via the 'Network Utility.' Regularly update macOS and installed apps to patch security vulnerabilities.

How to check for malicious software on Mac?

To check for malicious software on a Mac, begin with using 'Activity Monitor' to identify unusual processes. Inspect 'Login Items' to see if unknown applications are set to launch at startup. Utilize reputable antivirus or anti-malware programs to perform a system scan. Examine the 'Applications' folder for software you don't recognize. Monitor network usage for any suspicious activity using 'Network Utility.' Always keep your macOS and applications up to date to mitigate security risks and keep your system protected from malware.
Update: 20 Jul 2024
Microsoft Malicious Software Removal Tool

Microsoft Malicious Software Removal Tool download for free to PC or mobile

3
1098 reviews
3722 downloads

News and reviews about Microsoft Malicious Software Removal Tool

Loading...