(ATTN: UPDATES with KT’s response in final 3 paras, photograph)
SEOUL, Nov. 6 (Yonhap) — KT Corp., South Korea’s second-largest cellular service, was discovered to have hid crucial malware infections and didn’t report the safety breaches that led to a latest hacking and information theft incident, a government-led investigation revealed Thursday.
The joint government-private investigation workforce, which is analyzing KT’s latest cyberattack linked to unlawful micro base stations, mentioned the corporate discovered between March and July of 2024 that 43 of its servers had been contaminated with so-called BPFDoor malware and different malicious code.
Regardless of detecting the infections, which uncovered buyer information, the corporate didn’t notify authorities and as a substitute tried to deal with the difficulty internally, in accordance with the workforce.
BPFDoor malware allows distant attackers to bypass firewalls and preserve long-term entry to compromised techniques. It was additionally utilized in a separate hacking case involving trade chief SK Telecom Co. reported earlier this yr.
Investigators confirmed that the contaminated KT servers contained prospects’ private data, together with names, telephone numbers and electronic mail addresses, in addition to worldwide cellular tools id (IMEI) information.
The workforce mentioned it regards the concealment as being of “grave concern” and plans to work with related authorities to find out correct authorized measures.
This photograph, taken Nov. 5, 2025, reveals a KT retailer in Seoul with a discover displaying the cellular service’s plan to supply free USIM replacements to deal with buyer information safety issues. (Yonhap)
The probe additionally revealed critical vulnerabilities in KT’s femtocell administration, which allowed unauthorized gadgets to connect with the corporate’s inside community.
A femtocell is a small, low-power mobile base station, sometimes designed to be used in properties or small companies.
“KT’s femtocell administration system was typically poor, creating an setting by which unauthorized femtocells may simply entry the corporate’s inside community,” the workforce mentioned.
The investigation concluded that hackers controlling unlawful femtocells have been in a position to disable end-to-end encryption, permitting the interception of customers’ cost authentication information.
The Ministry of Science and ICT mentioned it can conduct a authorized evaluation to find out whether or not KT’s actions have been in breach of the legislation and represent grounds for buyer compensation.
The investigation was launched after 368 KT prospects suffered monetary losses totaling 240 million received (US$167,000) in August by means of illegally operated micro base stations.
This photograph taken Nov. 6, 2025, reveals a gate at KT’s constructing in central Seoul. (Yonhap)
KT started providing free common subscriber id module (USIM) replacements to all prospects Wednesday to deal with rising information safety concern amongst customers.
Officers added that KT has been referred to legislation enforcement authorities on suspicions of obstructing justice for allegedly offering false data and concealing proof throughout the probe.
KT may additionally face a possible monetary penalty from the Private Info Safety Fee, much like the one imposed on SK Telecom for its personal hacking incident earlier this yr. SK Telecom was fined 134.7 billion received by the fee for the same information breach.
Following the federal government briefing, KT mentioned in a press release it can take the investigation outcomes “significantly” and apologized for the delay in reporting the information breach to the federal government.
“KT will faithfully cooperate with the government-led investigation into unauthorized micropayment breach instances and make all-out efforts to make sure community safety and defend prospects,” the corporate mentioned.
The cellular service added it can proactively work with exterior consultants to deal with evolving safety threats and set up a dependable community setting.
Choi Woo-hyuk, head of community coverage on the Ministry of Science and ICT, speaks throughout a briefing on the authorities complicated in Seoul on Nov. 6, 2025, relating to a government-led investigation right into a hacking incident involving cellular service KT Corp. (Yonhap)
odissy@yna.co.kr
(END)
