SK Telecom, a leading telecommunications company in South Korea, was found to have been hacked, with the incident reported in April this year. Hackers deployed ransomware known as 'Qilin' to extort large sums of money via the dark web, compelling SK to issue an apology and replace over 25 million customers' SIM cards. An investigative report has revealed even more shocking information: hackers began infiltrating 23 servers as early as June 2022 and implanted up to 25 malicious programs, compromising the personal data of nearly 27 million mobile users.

On April 29, SKT confirmed the installation of four malicious programs that stole user USIM card data and announced a SIM card replacement for all users. Media estimates indicated that more than 25 million users qualified for the swap. The latest findings show that approximately 9.82 GB of data has leaked, including 26,957,749 International Mobile Subscriber Identifiers (IMSI). Following an investigation of over 30,000 servers, SKT disclosed that hackers implanted Web Shell on June 15, 2022, and identified 25 malicious programs, including the backdoor program BPFDoor, across the servers. This indicates that the hackers managed to infiltrate and remain undetected within SKT for nearly three years, exposing serious deficiencies in the company’s cybersecurity defenses.