South Korean ISP KT Launches Malware Attacks on BitTorrent Users: Multiple Arrests Made
Brook.X
In South Korea, Torrent, a popular file-sharing service, continues to thrive. However, most South Korean users prefer a paid software called Webhard, which facilitates file sharing between users via common protocols.
In May 2020, Webhard began receiving an unusual amount of reports from users about inexplicable errors occurring during routine file-sharing activities. Upon investigating, Webhard discovered that its BitTorrent peer-to-peer file-sharing program, known as the grid service, had been compromised.
The company alerted users that its grid service might have been maliciously hacked, with the hackers targeting BitTorrent traffic, leading to unknown errors in Webhard.
Further investigation by Webhard revealed that all affected users were customers of the South Korean internet service provider (ISP) KT, with the malware completely disabling the Webhard software and, in some instances, preventing users from using their computers normally.
Webhard reported the issue to South Korean law enforcement, and police investigations traced the attack's origins to a KT data center in southern Seoul. Following the investigation, authorities suspected KT of engaging in illegal activities, leading to the arrest and charging of 13 individuals connected to the case, including KT employees and contractors.
KT later issued a statement confirming that it had directly implanted malware into the computers of Webhard users. This unauthorized installation of malware constitutes a clear violation of the law.
KT's drastic action against Webhard users was motivated by a previous dispute over grid services, similar to the restrictions on PT and PCDN by some domestic ISPs. At the time, KT's data center housed numerous devices specifically designed to limit Webhard traffic.
Webhard's reliance on a peer-to-peer sharing protocol for data storage and transfer meant that they did not require significant data center infrastructure or ISP bandwidth for data transmission. However, this resulted in substantial pressure on KT's network due to the sheer volume of data being transferred by BT users, culminating in a legal battle.
The South Korean court deemed KT's blockade of Webhard's network traffic reasonable, citing Webhard's failure to pay network usage fees for the peer-to-peer system and to inform users about how its file-sharing system operated.
Nevertheless, installing malware on users' computers represents a criminal act beyond mere business competition, leading to the arrest of 13 individuals involved in the incident.
