We're certainly no strangers to the Machiavellian schemes of telecom companies in the US, where thanks to the , we've only just recently been able to dodge the nightmare scenario of ISPs being legally empowered to throttle their competitors' traffic. That makes it all the more impressive when companies elsewhere in the world upstage our own constant advancements in corporate skulduggery—companies like KT, a South Korean ISP recently accused of inflicting malware on 600,000 of its own customers.
According to a report from , users of torrent-based "webhard" [[link]] services—file storage and transfer platforms that are popular in South Korea—began reporting in 2020 that they were experiencing slow transfers, busted files, and malfunctioning PCs. When one of the webhard providers noticed all the users experiencing issues were KT customers, the company reported the information to Korean law enforcement.
ISPs have waged war against torrent traffic for years. In the US, before those few years where the FCC decided to give things a go without net neutrality (it didn't go well), in 2008 after throttling BitTorrent transfers. Legal protections and networking advances have seen those efforts subside somewhat in recent years, making it even wilder that Korean police found evidence suggesting that KT was distributing malware to its own customers as punishment for using P2P services.
A describes how, following a search of KT headquarters, it appears that the ISP had formed a team to develop and distribute malware, allegedly "wiretapping" data exchanged between KT subscribers accessing webhard services and interfering with their transfers. While it's difficult to parse out confirmed specifics without any English reporting from JTBC, it seems like KT's explanation for its malware task force is that the team was an attempt
to control what it considered "malicious services," and that there were only a few people involved, so who can you even blame, really?
According [[link]] to the police investigation, the malware squad's operation allegedly followed internal KT discussions about minimizing ongoing networking costs and involved dozens of devices, calling into question just how isolated within the company the operation was. I'm no expert, but [[link]] if it was me, I'd have maybe tried some IP bans instead?