WTF?! A Korean ISP is reported to have intentionally installed malware on subscribers' computers. The move was designed to interfere with and block torrent traffic, which is believed to have been placing financial pressure on the company.
An investigative report from Korean outlet JBTC states that Internet Service Provider KT, formerly known as Korea Telecom, took extreme measures in the fight against torrenting.
As explained by TorrentFreak, filesharing doesn't make up as much internet traffic as it did years ago, but the practice is still very popular in South Korea. An especially popular element is Web Hard Drive, or Webhard, services. These also offer dedicated web seeds to ensure that files remain available.
Webhard services rely on the BitTorrent-enabled 'Grid System,' which became popular enough to draw the attention of ISPs due to the costly high amounts of bandwidth being used by these torrent transfers.
KT, which is one of the country's largest ISPs, was involved in a court case in 2020 over throttling users' traffic. The company said network management costs were the main reason for its interfering, and the court found in the ISP's favor. But new reports now show that the company was doing more than just slowing downloads.
Many Webhard users found that the services went offline or reported unexplainable errors four years ago. The common factor was that they were all KT subscribers. JBTC's investigation found that the ISP was installing malware on computers of Webhard services, affecting around 600,000 customers.
A dedicated team at KT comprised of a malware development section, a distribution and operation section, and a wiretapping section is alleged to have planted the malware to eavesdrop on subscribers and interfere with their private file transfers. KT is essentially accused of accessing and altering data on users' computers to limit torrent traffic.
The Gyeonggi Southern District Police Office, which conducted a search and seizure of KT's data center and headquarters, believes that the company may have violated the Communications Secrets Protection Act and the Information and Communications Network Act.
In November last year, police identified 13 people of interest, including KT employees and employees of KT's partner companies at the time. A supplementary investigation has been continuing since last month.
What was KT's grand plan? Much like its argument for throttling users, it sounds as if the malware-planting scheme was all about saving money. It looks as if the move will cost it more than expected.