KT's Concealed Malware Breach Costs Telecom Giant 90% Profit Drop

KT Corp. security breach BPFDoor malware telecom data theft femtocell vulnerabilities South Korea cybersecurity
Hitesh Kumawat
Hitesh Kumawat

UX/UI Designer

 
December 1, 2025 3 min read
KT's Concealed Malware Breach Costs Telecom Giant 90% Profit Drop

TL;DR

KT Corp. concealed critical BPFDoor malware infections and security failures affecting customer data. Investigations revealed vulnerabilities in femtocell management, leading to financial losses and potential legal action. This incident follows a significant data breach at SK Telecom, emphasizing ongoing cybersecurity challenges in the telecom industry.

KT Corp. Concealed Malware Infections and Security Failures

KT Corp., South Korea's second-largest mobile carrier, concealed critical malware infections and failed to report security breaches, leading to a hacking and data theft incident. A government-led investigation revealed these findings according to Yonhap News Agency. The joint government-private investigation team discovered that 43 of KT's servers were infected with BPFDoor malware and other malicious code between March and July 2024.

Despite detecting these infections, KT did not notify authorities, attempting to resolve the issue internally as reported by MK.

BPFDoor Malware and Data Exposure

The BPFDoor malware allows remote attackers to bypass firewalls and maintain long-term access to compromised systems. This malware was also used in a separate hacking case involving industry leader SK Telecom Co. according to the investigation. The infected KT servers contained customers' personal information, including names, phone numbers, email addresses, and international mobile equipment identity (IMEI) data. The investigation team considers the concealment a grave concern and plans to collaborate with authorities to determine legal measures as stated by Yonhap News Agency.

Vulnerabilities in Femtocell Management

The investigation revealed serious vulnerabilities in KT's femtocell management, allowing unauthorized devices to connect to the company's internal network reported by The Korea Herald. A femtocell is a small, low-power cellular base station typically used in homes or small businesses.

KT's femtocell management system was generally poor, creating an environment in which unauthorized femtocells could easily access the company's internal network according to the investigation team. Hackers controlling illegal femtocells could disable end-to-end encryption, intercepting users' payment authentication data. The Ministry of Science and ICT will conduct a legal review to determine if KT's actions breached the law and warrant customer compensation.

Financial Losses and Remedial Actions

In August, 368 KT customers suffered financial losses totaling 240 million won (US$167,000) through illegally operated micro base stations according to Yonhap News Agency. KT began offering free universal subscriber identity module (USIM) replacements to address growing data security concerns among users as a response to the breaches.

SK Telecom's Data Breach Impact

SK Telecom, another major mobile carrier in South Korea, faced a 90% drop in operating profit due to recovery costs and losses tied to a data breach earlier in the year reported by The Record. The company posted an operating profit of 48.4 billion won ($34.1 million), down from 493 billion won a year earlier according to its earnings report.

telecom
Image courtesy of The Record

The breach exposed the personal data of about 27 million customers. Attackers infiltrated SK Telecom's network in 2022 using 25 types of malware that went undetected for nearly three years according to the report. The stolen data included subscriber identity numbers, authentication keys, network activity logs, and SIM-stored text messages. Regulators imposed a record 134 billion won ($96.5 million) fine and ordered SK Telecom to overhaul its cybersecurity systems as reported by Reuters.

Coupang Blacklist Allegations

Coupang, faced allegations of maintaining a blacklist of union leaders and journalists critical of the company and retaliating against a whistleblower Business & Human Rights Resource Centre. A Coupang worker reported to the media that Coupang was managing a blacklist containing the names of 16,450 individuals, including trade union leaders and journalists critical of the company according to a report.

Automate Your Cybersecurity Marketing with https://gracker.ai

These incidents highlight the critical need for robust cybersecurity measures and proactive marketing strategies to maintain customer trust. At https://gracker.ai, we understand the challenges of staying ahead in the cybersecurity landscape. That's why we've developed a suite of AI-powered tools designed to automate your cybersecurity marketing efforts. From daily news updates and SEO-optimized blogs to AI copilot assistance and newsletters, https://gracker.ai helps you stay informed, engage your audience, and build a stronger brand.

Ready to transform your cybersecurity marketing? Start your FREE trial today! GrackerAI automates your cybersecurity marketing: daily news, SEO-optimized blogs, AI copilot, newsletters & more.

Hitesh Kumawat
Hitesh Kumawat

UX/UI Designer

 

Design architect creating intuitive interfaces for GrackerAI's portal platform and the high-converting tools that achieve 18% conversion rates. Designs experiences that turn visitors into qualified cybersecurity leads.

Related News

Exploring Morocco's E-Commerce Growth and 2025 Black Friday Trends
Morocco e-commerce

Exploring Morocco's E-Commerce Growth and 2025 Black Friday Trends

Explore Morocco's booming e-commerce market! Discover growth drivers, key challenges like logistics and trust, and emerging opportunities. Learn how businesses can thrive. Read now!

By Hitesh Kumar Suthar November 28, 2025 3 min read
Read full article
Key Digital Marketing Trends and Predictions for 2026
UK digital marketing report 2026

Key Digital Marketing Trends and Predictions for 2026

Download the UK State of Digital Marketing Report 2026 for insights on AI, budget allocation, and Google's AI Overviews. Benchmark your strategy now!

By Deepak Gupta November 27, 2025 5 min read
Read full article
AI Content Automation: $3.5M Success & Engagement Boost Strategies
AI content automation

AI Content Automation: $3.5M Success & Engagement Boost Strategies

Discover how AI content automation generated $3.5M & 100M views. Learn the 4 pillars of AI-powered growth and unlock viral marketing success. Start your free trial!

By Nikita shekhawat November 26, 2025 4 min read
Read full article
IIT Delhi Launches Executive Programme in Brand Management
IIT Delhi

IIT Delhi Launches Executive Programme in Brand Management

Elevate your marketing career! IIT Delhi offers a 6-month online Executive Programme in Brand Management. Limited seats available. Apply now!

By Hitesh Kumar Suthar November 25, 2025 2 min read
Read full article