Particle.news
Download on the App Store
10 ARTICLES
·
yesterday

KT Fraud Probe Widens as Two Suspects Arrested and Carrier Flags Separate Server Breaches

KT disclosed suspected server intrusions that are now under KISA review in a case separate from the mobile micro‑payment scheme.

Image
Image
This file photo provided by KT Corp. shows its headquarters in Seoul. (PHOTO NOT FOR SALE) (Yonhap)
This photo, provided by the Gyeonggi Nambu Provincial Police on Sept. 17, 2025, shows a Chinese national being apprehended by police for allegedly making unauthorized mobile payments by hacking users of KT Corp. (PHOTO NOT FOR SALE) (Yonhap)

Overview

  • South Korean police secured court‑approved arrest warrants for two Korean Chinese suspects and seized illegal micro base station equipment allegedly used to impersonate KT cells.
  • Investigators say the attackers operated modified femtocells from a van to intercept connections and trigger unauthorized small payments later converted to cash.
  • KT now counts 362 confirmed micro‑payment victims with losses of about 240 million won, with refunds completed for 278 cases and the remaining 84 in process.
  • About 20,000 users who connected to four rogue femtocells are being treated as potentially exposed to IMSI, IMEI and phone numbers, while KT says names, birth dates and USIM authentication keys were not leaked.
  • KT separately reported to KISA four cases with evidence of server breaches and two suspected cases found in a four‑month internal review, as authorities probe how ARS authentication was bypassed and possible overseas direction after a suspect cited orders from China.