The investigation began in July 2024 when Interpol tipped off South Korean authorities about a suspicious shipment of satellite receivers from a Korean firm, B Corporation, to an overseas company, A Corporation, known for illegal broadcasting. Interpol suspected that the devices included malicious software enabling DDoS attacks.
Subsequent analysis confirmed that the receivers either came preloaded with the malware or were configured to install it during firmware updates. The affected devices had been shipped between January 2019 and September 2024, with an earlier batch of nearly 98,000 units already infected at the time of sale.
The criminal activity was traced back to a request from A Corporation in November 2018. A Corporation claimed it was being targeted by rival businesses and demanded that B Corporation provide them with tools to launch retaliatory DDoS attacks. B Corporation complied, integrating malicious functionalities into their devices and distributing them through updates.
The export and infection strategy was carried out under the guise of legitimate business transactions, allowing the perpetrators to evade detection for several years.
South Korean authorities not only arrested five key figures from B Corporation but also issued an international warrant for a foreign suspect linked to A Corporation. The court has already frozen assets worth KRW 6.1 billion, suspected to be proceeds from these illegal exports.
B Corporation, which has been active in the satellite communications sector since 2017, represents a mid-sized player in the global market. The discovery of its involvement in cybercrime underscores the potential for misuse of IoT and connected devices in international cyberattacks.
The police emphasized their commitment to pursuing international cybercrime. With Interpol's assistance, they aim to apprehend the remaining suspects and prevent South Korea’s reputation from being tarnished by such activities.
Hackers Announce ‘Biggest Breakthrough’ in Windows and Office Piracy
Leave a Reply