Home / News

South Korean Telecom Giant KT Corporation Accused of Infecting 600,000 Users with Malware Over Torrent Use

South Korean telecom giant KT Corporation has been implicated in deliberately infecting over 600,000 users with malware due to their use of torrent services, as reported by JTBC. This issue surfaced in May 2020 when Webhard, a Korean cloud service provider, faced numerous user complaints about mysterious errors. The compromised Grid Program, reliant on BitTorrent peer-to-peer sharing, was found to be the malware’s target.

Webhard noted that only KT’s internet service users were affected, experiencing strange folder creation, invisible files, and, in severe cases, disabled PCs. Following a police investigation, the malware’s origin was traced to KT’s data center south of Seoul. Authorities have charged 13 individuals, including KT employees and subcontractors, under South Korea’s Protection of Communications Secrets Act and the Information and Communications Network Act.

KT admitted to planting the malware, claiming it was necessary to control what they described as a malicious program on Webhard’s Grid Service. However, this justification has drawn significant criticism because the malware installation occurred without user consent.

Historically, Webhard and KT have been at odds over the Grid Service, which allows users to store and transfer data via peer-to-peer networks, purportedly saving Webhard significant storage costs. This service, however, strained KT’s network. Despite a court ruling in KT’s favor, allowing them to block Webhard’s network traffic due to unpaid network usage fees and inadequate user explanation, KT’s decision to deploy malware instead of blocking IP addresses has sparked outrage.

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Threat Intelligence

Sponsored byWhoisXML API


Sponsored byDNIB.com


Sponsored byVerisign

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix