Korean telco allegedly infected its P2P users with malware
KT may have had an entire team dedicated to infecting its own customers
A South Korean media outlet has alleged that local telco KT deliberately infected some customers with malware due to their excessive use of peer-to-peer (P2P) downloading tools.
The number of infected users of “web hard drives” – the South Korean term for the online storage services that allow uploading and sharing of content – has reportedly reached 600,000.
Malware designed to hide files was allegedly inserted into the Grid Program – the code that allows KT users to exchange data in a peer-to-peer method. The file exchange services subsequently stopped working, leading users to complain on bulletin boards.
The throttling shenanigans were reportedly ongoing for nearly five months, beginning in May 2020, and were carried out from inside one of KT's own datacenters.
- Julian Assange to go free in guilty plea deal with US
- Mozilla is trying to push me out because I have cancer, CPO says in bombshell lawsuit
- NASA ought to pay up after space debris punched a hole in my roof, homeowner says
- Starliner to remain docked to the ISS into July – with no new departure date
- Humanity's satellite habit could end up choking Earth's ozone layer
The incident has reportedly drawn enough attention to warrant an investigation from the police, which have apparently searched KT's headquarters and datacenter, and seized evidence, in pursuit of evidence the telco violated South Korea’s Communications Secrets Protection Act (CSPA) and the Information and Communications Network Act (ICNA).
The CSPA aims to protect the privacy and confidentiality of communications while the ICNA addresses the use and security of information and communications networks.
The investigation has reportedly uncovered an entire team at KT dedicated to detecting and interfering with the file transfers, with some workers assigned to malware development, others distribution and operation, and wiretapping. Thirteen KT employees and partner employees have allegedly been identified and referred for potential prosecution.
The Register has reached out to KT to confirm the incident and will report back should a substantial reply materialize.
But according to local media, KT's position is that since the web hard drive P2P service itself is a malicious program, it has no choice but to control it.
P2P sites can burden networks, as can legitimate streaming - a phenomenon that saw South Korean telcos fight a bitter legal dispute with Netflix over who should foot the bill for network operation and construction costs.
A South Korean telco acting to curb inconvenient traffic is therefore not out of step with local mores. Distributing malware and deleting customer files are, however, not accepted practices as they raise ethical concerns about privacy and consent.
Of course, given files shared on P2P are notoriously targeted by malware distributors, perhaps KT the telco assumed its web hard drive users wouldn't notice a little extra virus here and there. ®