The government will conduct a direct investigation to determine whether KT and LG Uplus experienced hacking attacks similar to those faced by SK Telecom.
According to the Ministry of Science and ICT on the 26th, the joint public-private investigation team examining the SK Telecom hacking incident is conducting security checks on KT and LG Uplus. For other telecommunications and platform corporations, the previous autonomous inspection policy has been changed to ‘direct investigation.’
The shift in the investigation policy of the joint public-private investigation team is interpreted as stemming from the use of the malware ‘BPF Door’ by the hacking attacks on SK Telecom. As speculation arose that the hacking group primarily using BPF Door might attempt attacks on other domestic telecommunications companies, the government decided to investigate this directly. BPF Door attacks are known to be primarily utilized by advanced persistent threat (APT) groups backed by state actors such as China.
The joint public-private investigation team is applying vaccines for 202 variants of the malware used in the SK Telecom server inspection to the KT and LG Uplus servers to check for any infections. So far, no anomalies related to hacking on KT and LG Uplus have been discovered during the investigation.
A Ministry of Science and ICT official noted, “We are looking into the domestic telecommunications servers from a security inspection level,” and added, “The joint public-private investigation team is conducting inspections in collaboration after consultations among the telecommunications companies that were previously carried out independently.”