South Korean authorities have apprehended the CEO of a company and five employees in connection with the production of more than 240,000 satellite TV receivers that can be modified to include distributed denial-of-service (DDoS) attack capabilities at customers’ requests.
While no companies have been specifically identified, the two firms in question have engaged in a series of transactions since 2017. In November 2018, the purchasing organization submitted a specific requirement for DDoS performance testing, which the South Korean manufacturer promptly accommodated.
Reportedly, the performance was intended to counteract the aggressive moves of a rival organization.
Although the specific units targeted by the DDoS attacks were not disclosed, it is important to note that such assaults are always illegal when directed at external systems.
Moreover, unsuspecting subscribers to satellite TV services unwittingly found themselves caught up in cyberattacks, potentially experiencing subpar device performance as a result of these malicious incidents.
Between January 2019 and September 2024, the manufacturer delivered 240,000 satellite TV set-top boxes, with approximately 98,000 units featuring a pre-installed Distributed Denial-of-Service (DDoS) module. The system’s performance was upgraded through a subsequent software update.
South Korea’s law enforcement authorities acted swiftly to foil a nefarious plot after receiving crucial intel from Interpol, with the operation also netting a fugitive previously listed by international agencies.
“In July, Interpol revealed that it had obtained intelligence indicating the unlawful broadcasting company Firm A, based abroad, was importing satellite TV receivers equipped with DDoS attack capabilities from a Korean firm, Firm B.”
“Upon scrutinizing the tools, it became apparent that DDoS performance had been persistently compromised during firmware updates.”
Six individuals arrested in Korea are facing charges for violating the Act on Promotion of Information and Communications Technology Utilization and Information Security.
The court has also authorized the seizure of the company’s assets and the confiscation of approximately $4.35 million, the amount allegedly generated through the illegal sale of malicious satellite TV receivers.
Corporate operators, having acquired the tools, remain at liberty, while the South Korean authorities collaborate globally to track down and apprehend those responsible.