A Korean Internet Service Provider (ISP) is said to have intentionally installed malware on customers’ computers. The malware, disguised as a network management solution, was intended to disrupt BitTorrent traffic.
advertisement
As reported by Korean newspaper JBTC, internet service provider KT, formerly trading as Korea Telecom, is said to have taken the action due to heavy download activity from its customers.
Malware against bandwidth hogs
File sharing is still very popular in South Korea, but the technology used is different from that in other countries. Paid BitTorrent-powered services called “Webhard,” short for “Web Hard Drive,” are particularly popular there. These services provide dedicated web seeds to ensure file availability. The distribution technology relies on peer-to-peer networks, which can put a significant strain on bandwidth under heavy load.
The manipulation was noticed when several Webhard users received error messages. The errors only occurred with KT customers. JBTC investigated these incidents and ultimately determined that the ISP KT appeared to have installed malware on computers running Webhard services. According to the analysis, the malware was present on more than 600,000 of the provider’s customers.
Techspot reports that experts from the Gyeonggi South District Police Office have since searched KT’s data center and headquarters. Large amounts of computers and documents were seized. KT and some of its partner companies are now accused of deliberately installing malware to eavesdrop on subscribers and disrupt data transfers.
In total, at least 13 people are said to have been involved in these actions, including KT employees and employees of former partner companies. One group was responsible for developing the malware. Another was concerned with the distribution and operation of the programs as well as the evaluation of the data provided.
These measures are said to have been in place for several years. The connection between KT customer accounts and system issues with Webhard applications was first noted four years ago. KT claims that it is simply managing traffic on its network to ensure smooth operations.
(University of Southern California)
