Thousands of South Korean Users Can’t Explain How Their Devices Got Infected With Malware. The Main Suspect: Their Internet Provider

A South Korean ISP is embroiled in controversy for purportedly intentionally distributing malware to its customers.

No comments Twitter Flipboard E-mail

If your computer were to get infected with malware one day, the last thing you’d think of would be to blame your Internet Service Provider (ISP). The more likely explanations suggest you might’ve fallen for phishing traps to download malware or even plugged in a compromised USB drive. However, in South Korea, some users have at least one reason to think otherwise.

KT, South Korea’s leading ISP, is embroiled in a controversy that has caused quite a stir. South Korean news site The Public reports that law enforcement authorities are investigating KT for allegedly placing malware on thousands of its customers’ computers. Many believe this alleged maneuver, which is both irrational and dangerous in nature, has been motivated by a long-standing feud between the company and the P2P file-sharing services that use its resources.

KT, in the Eye of the Storm

According to The Public, four years ago, many KT customers were unable to use protocols like BitTorrent. This services enable decentralized content sharing, which means that protocols are not hosted on the company’s servers. Affected users also reported experiencing unusual behavior with their computers, such as unexplained folders and operating system crashes.

KT customers finally filed a report about these issues. In 2020, the Cyber Investigation Unit of the Gyeonggi Nambu Police Agency started to look into the matter. As reported by South Korean TV channel JTBC, the police investigation suggested that the malware originated from KT’s Bundang IDC Center, a telecommunications data center located in the southern part of Seoul. As a result, the police intervened and took down some of its infrastructure.


Since then, the case has escalated. Authorities have escalated the investigation and subpoenaed dozens of KT employees and contractors on suspicion of violating the country’s Protection of Communications Secrets Act and Information and Communications Network Act. The Suwon District Prosecutor’s Office has requested a supplementary investigation by the police, which has just been launched.

KT allegedly intercepted data packets from its customers and analyzed them to limit their ability to use P2P services. It then developed and distributed a malicious program using its ISP position. According to the news website Hankook, the company denied the allegations but admitted to engaging in “legitimate traffic management” on more than one occasion.

We’ll have to wait to know the outcome of this case. However, if true, it’d certainly put the Korean ISP in a compromising situation. In any case, this isn’t the first dispute between KT and P2P services. In 2015, the company attempted to block decentralized file-sharing protocols at the network level, resulting in a legal battle. In 2019, the Korean Supreme Court found that KT had not broken any laws.

Image | KT| Ed Hardie

Related | Windows XP Is One of the Most Dangerous Operating Systems: This Is How Easy It Can Get Infected With Malware

Home o Index