SKT hack task force investigating eight new malware strains
Published: 06 May. 2025, 16:17
![SK Telecom's logo is pictured at the firm's headquarters in Jung District, central Seoul. [NEWS1]](https://koreajoongangdaily.joins.com/data/photo/2025/05/06/dbca229d-6d51-47dd-b7cd-fe13161c8402.jpg)
A government-industry task force investigating the recent cyberattack on SK Telecom is examining the timing and origin of eight newly identified malware strains connected to the incident, the joint team said Tuesday.
The team is working to determine whether the newly disclosed malware variants were planted in the same home subscriber server (HSS) where four other strains were initially found or if they were planted on separate server equipment. The HSS system handles device authentication for both 4G and 5G voice subscribers.
SK Telecom first detected abnormal data traffic on March 18 at its security monitoring center. Subsequent investigation revealed malware embedded in its billing analysis systems and signs that files had been deleted.
The next day, the company confirmed that data had also been leaked from its HSS, deepening concerns about the scope of the breach.
The Korea Internet & Security Agency, which is part of the ongoing investigation, said in an advisory on Saturday that “attackers had targeted Linux systems,” and disclosed the eight additional, newly identified malware samples.
The joint task force is currently conducting forensic analysis to track the location, entry point and creation time of the malicious code.
“We’re still verifying those details,” a spokesperson said of its results.
Some cybersecurity experts suspect that attackers may have exploited a vulnerability in virtual private network equipment made by IT software company Ivanti. However, it remains unclear whether SK Telecom’s Linux-based servers were using Ivanti hardware or products from other major vendors like Cisco.
The Ministry of Science and ICT, also involved in the investigation, met with the three major telecom providers as well as platform giants Naver, Kakao, Coupang and Woowa Brothers on Saturday to assess their cybersecurity readiness. The ministry urged these companies to thoroughly examine their systems for malware linked to the SK Telecom breach.
Translated from the JoongAng Ilbo using generative AI and edited by Korea JoongAng Daily staff.
BY JEONG JAE-HONG