KT Corp. Implanted Malicious Software in Users' Computers in Korea

TapTechNews, Jun 27th. A well-known Korean news agency, JTBC, has recently discovered through in-depth investigation that one of the Korean telecom giants, KT Corp., deliberately implanted malicious software into more than 600,000 users in an attempt to prevent them from using the torrent service.

The incident started in May 2020, when the Korean cloud service provider Webhard received a large number of user complaints about unexplained program errors. After investigation, it was found that the Webhard's disk service called 'GridProgram' based on the BitTorrent technology was maliciously damaged. An unnamed representative of Webhard said, 'We suspected that the disk service was under hacker attack, which was extremely malicious and seriously affected the program operation.'

After further investigation, Webhard company noticed that all the affected users used the network service provided by KT Corp. The representative said, 'Only KT users encountered problems. The malicious software would create strange folders or hidden files on the users' computers and completely disable the Webhard program. In some cases, the users' computers were even paralyzed, so we reported to the police.'

After receiving the report, the police launched an investigation and traced the source of the malicious software to the KT Corp. data center in the south of Seoul. The Korean authorities believe that KT Corp.'s move may have violated relevant laws such as the Korean 'Communications Secret Protection Act' and the 'Information and Communication Network Act'. Currently, the police have identified and accused 13 related personnel, including KT Corp. employees and outsourcers who participated in the malicious software attack last November, but the investigation is still ongoing.

According to reports, KT Corp. argued that it directly implanted malicious software on the computers of customers using the Webhard disk service because this program was a malicious program, and they had no choice but to control it. However, the key issue is not that Webhard uses the BitTorrent protocol, but installs malicious software on users' computers without the users' consent.

TapTechNews noted that Webhard and KT Corp. had disputes over the 'GridProgram' disk service issue before. Webhard company said that by allowing users to store and transfer data through the peer-to-peer service, it could save billions of won because it did not need to store the data on its own servers. However, a large number of 'GridProgram' disk service users put great pressure on KT Corp.'s network, and the two companies went to court.

The court finally made a judgment in favor of KT Corp. The court believes that Webhard company did not pay the network usage fee of KT Corp. for its peer-to-peer system and did not explain the operation mechanism of the disk service to users in detail. Therefore, it is not unreasonable for KT Corp. to block the network traffic of Webhard. However, KT Corp. did not take the conventional means such as blocking the IP address, but implanted malicious software into the large number of personal computers of the 'GridProgram' disk service users. The vast majority of the affected users are individual users, not enterprises or companies, and they have no idea what happened.