Arrested South Korean Hackers Made Nearly $

Pair is accused of terrorizing South Korea’s second largest carrier

In February 2012 a pair of hackers allegedly developed a “sophisticated” software platform designed to hack the databases of KT Corp. (KSC:030200), the second largest mobile carrier in South Korea.

The hackers obtained details on over half the carrier’s customers, gaining information on 8.7 million of approximately 16 million accounts on the carrier.  The hackers allegedly then sold their software and the records — including customers’ names, phone numbers, residential registration numbers, and contract details — to several telemarketing firms for $878K USD  (1 billion Won).  The telemarketers used the information to solicit customers to switch to other carriers.

But the joy ride appears to be over as the pair who sold the information is allegedly in custody.  Seven other individuals who purchased the software and illegally copied data were also arrested.

KT Corp. emphasizes that the intrusion was very sophisticated, commenting, “It took nearly seven months to develop the hacking program and (the suspects) had very sophisticated hacking skills. In light of this incident, we will strengthen the internal security system and raise awareness of security among all employees to prevent causing inconvenience to customers.”

KT Comms
KT Comms was victimized by hackers and now faces class action lawsuits.
[Image Source: Slashgear]

They add that they are sincerely sorry for the impact on customers, stating, “We deeply bow our head in apology for having your precious personal information leaked… we’ll try our best to make such things never happen again.”

The carrier is facing a class action lawsuit from customers for the hack, despite its openness about the breach and its apology.  The company first detected the breach on July 13 and alerted authorities immediately.

While the exact methodology of the attack has not been widely publicized, it’s possible the South Korean hackers exploited weakness in the link to the SQL database — a popular means of grabbing internet-accessible data.

While many companies have tightened security on the databases themselves, the links remain vulnerable as many popular corporate software packages have certain well-known errors where they mishandle strings.  These errors allow hackers to execute disallowed commands, gaining the same access as company employees.  The method is known as SQL “injection” as it involves “injecting” the command into an otherwise harmless string of text.

Recent American companies to fall victim to that attack methodology include NVIDIA Corp. (NVDA) whose forums accounts were compromised, and Yahoo! Inc. (YHOO) whose news accounts were compromised.

Last year South Korea the nation’s largest carrier, SK Comms (KOE:066720) recently announced that over 35 million records had been illegally copied from its database by hackers in China.  And in Nov. 2011 Nexon Korea Corp., one of the nation’s top online gaming companies, had 13 million user records illegally copied.

Source: ZDNet


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s