KT hacking probe interim results / KBS 2025.11.06.　#KBSNews

A joint public-private investigation team has announced the interim results of their investigation related to the KT hacking incident that caused unauthorized small payments.

It has been revealed that the management of KT’s ultra-small base stations, known as ‘femtocells’, was very poor and mismanaged.

It has also been found that authentication information for small payments was easily leaked through illegal femtocells.

Reporter Hwang Jeong-ho has the details.

[Report]

The ‘KT femtocell hacking incident’ has resulted in the leakage of personal information of over 22,000 individuals and unauthorized payment damages exceeding 200 million won.

According to the interim investigation results from the joint public-private investigation team, it has been confirmed that KT’s femtocell management system was in disarray.

First, it was confirmed that all of KT’s femtocells used the same certificate.

This means that if one certificate is copied, illegal ‘femtocells’ can access the KT network.

The certificate validity period, set to ten years, was also problematic, as it was found that if a device had ever connected to the KT network, it could continue to be used indefinitely.

Clues about how the authentication information for small payments was extracted have also emerged.

The hacker operating the illegal femtocell was able to decrypt the encryption set between the user and the telecom company, according to the investigation team.

[Lee Dong-geun/KISA Digital Threat Response Director: “Cases where the encryption is decrypted are extremely rare. We have confirmed through various tests that it is possible to create situations where decryption can occur…”]

However, the investigation team stated that further investigation is needed regarding the potential for text or voice call interception.

Nevertheless, they remained cautious about the possibility of creating cloned phones.

[Lee Dong-geun/KISA Digital Threat Response Director: “Regarding the authentication key needed for creating cloned phones, as of now, there has been no evidence found that indicates the authentication keys necessary for SIM card cloning have been leaked.”]

KT has stated that it will strengthen femtocell management, but did not mention whether it would expand the waiver of penalties to all users.

This is Hwang Jeong-ho from KBS News.

▣ KBS 기사 원문보기 : https://ift.tt/vU7BA1H

▣ 제보 하기
◇ 카카오톡 : ‘KBS제보’ 검색
◇ 전화 : 02-781-1234
◇ 홈페이지 : https://goo.gl/4bWbkG
◇ 이메일 : kbs1234@kbs.co.kr