This website uses cookies

We use necessary cookies to make our site work and improve your browsing experience. We do not share any of the information with third parties.

Okay

Go back

Korea Arrests CEO for Embedding DDoS Functionality in Satellite Receivers

South Korean authorities have detained a CEO and five employees for their role in manufacturing and distributing over 240,000 satellite receivers, equipped or later updated with capabilities for distributed denial-of-service (DDoS) attacks. The functionality was reportedly included at the request of a purchasing company.

December 11, 2024

#vulnerabilities

#SatelliteHacking

#SatelliteCommunication

What happened?

The two companies involved, though unnamed, have been trading since 2017. In November 2018, the purchasing entity allegedly requested the inclusion of DDoS functionality, which the South Korean manufacturer delivered. This malicious feature was purportedly intended to counter attacks from a competitor, marking a rare case of corporate disputes escalating into illegal cyber activity.

The specific method by which the DDoS functionality was leveraged remains undisclosed. However, such attacks are unequivocally illegal when targeting external systems. Moreover, users of the compromised satellite receivers unwittingly participated in the attacks, potentially experiencing degraded device performance during these operations.

Between January 2019 and September 2024, the manufacturer distributed 240,000 satellite receivers. Of these, 98,000 units came with pre-installed DDoS modules, while the rest received the functionality via subsequent firmware updates.

How was the scheme uncovered?

The operation came to light following intelligence shared by Interpol in July 2024. According to an official announcement, Interpol alerted South Korean authorities to a scheme involving "illegal broadcasting company (Company A, foreign-based)" importing compromised satellite receivers from a Korean supplier (Company B). A detailed analysis confirmed that DDoS functionality was embedded through firmware updates.

What are the consequences?

The six arrested individuals now face charges under Korea's Act on Promotion of Information and Communications Network Utilization and Information Protection. In addition, the court has approved the seizure of the company’s assets and the confiscation of KRW 61 billion (approximately $4.35 million), the estimated profits from selling these malicious devices.

This incident highlights the alarming trend of weaponizing consumer technology for malicious purposes. The unauthorized inclusion of DDoS functionality not only violates ethical and legal standards but also exploits end users, making them unwitting accomplices in cyberattacks. Such schemes undermine trust in consumer electronics and emphasize the urgent need for rigorous oversight in the manufacturing process.

Author: Nessa, Cyber Journalist

Source: https://www.bleepingcomputer.com

Photo:  SpaceX

Subscribe to our bi-weekly Linkedin newsletter

Subscribe

#cybercrime

#SatelliteCommunication

#SpaceSecurity

#space

#NATO

#security

#SpaceX

#vulnerabilities

#ISAC

#SatelliteHacking

#threats

#ransomware

#SAIC

#SDA

#NIST

#malware

#NSA

#сyberattack

#cyberdefense

#quantum

#ukraine

#cyberwar

#cybersecurity

You can support TheSIGN by becoming our SATELLITE. Click to learn more about sponsorship.