South Korean telecommunications giant KT Corporation found itself in hot water after deploying malicious software to hinder its customers from using the Webhard BitTorrent file-sharing service. This revelation came to light through an investigation by JTBC, as reported by Tom's Hardware.
Malware Deployment and Investigation
In May 2020, Webhard, a Korean cloud service provider, began receiving numerous complaints from users. The company discovered that its Grid program, which relies on peer-to-peer file sharing via BitTorrent, had been compromised. Initially, Webhard suspected a hacker attack.
Further investigation revealed a common denominator among the affected users: they were all clients of KT Corporation. The malware on their systems created strange folders, rendered files invisible, and in some cases, completely disabled the Webhard program, even causing PCs to shut down.
Webhard reported the issue to the police. Investigators traced the attack back to KT's data center located south of Seoul. Authorities indicated that KT might have violated South Korean laws, including the Telecommunications Privacy Protection Act and the Information and Communications Network Act. Charges were brought against thirteen KT employees and several subcontractors, although the investigation is ongoing.
KT's Justification and Legal Battles
KT admitted to installing special software on its customers' devices, claiming it was necessary to control the allegedly harmful Grid Service from Webhard. However, the core issue was not Webhard's use of the BitTorrent protocol but rather KT's unauthorized installation of malware on customer computers.
Previously, KT and Webhard had clashed over the Grid Service. The high volume of users on this service was straining KT's network. The dispute led to a court case, which KT won. The court ruled that Webhard had neither paid KT for network usage nor adequately explained the service's operation to its users. Consequently, KT decided to block Webhard's network traffic. Instead of blocking IP addresses, KT chose to infect Grid users with malware. Unfortunately, most of the affected users were private individuals who had no idea what was happening.
KT's intention might have been to curb the constant use of Webhard BitTorrent by its customers. However, this action resulted in file losses and computer damage for many users.
In related news, we previously reported that hundreds of thousands of people are at risk of losing money due to a flaw in Chrome and Microsoft Word. According to Proofpoint, hackers have sent over 100,000 messages, impacting thousands of organizations worldwide. Users could inadvertently grant access if they fall for the scam.