Close Menu
    Facebook LinkedIn YouTube Instagram X (Twitter)
    Blue Tech Wave Media
    Facebook LinkedIn YouTube Instagram X (Twitter)
    • Home
    • Leadership Alliance
    • Exclusives
    • Internet Governance
      • Regulation
      • Governance Bodies
      • Emerging Tech
    • IT Infrastructure
      • Networking
      • Cloud
      • Data Centres
    • Company Stories
      • Profiles
      • Startups
      • Tech Titans
      • Partner Content
    • Others
      • Fintech
        • Blockchain
        • Payments
        • Regulation
      • Tech Trends
        • AI
        • AR/VR
        • IoT
      • Video / Podcast
    Blue Tech Wave Media
    Home » SK Telecom breach exposes years-long malware infiltration
    SK-Telecom
    SK-Telecom
    IT Infrastructure

    SK Telecom breach exposes years-long malware infiltration

    By Yara YangMay 20, 2025No Comments3 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email
    • Malware infiltrated SK Telecom’s systems in 2022 and remained hidden until April 2025
    • Operator rolls out advanced fraud detection and nationwide SIM replacement programme

    What happened: SK Telecom outlines breach response and security upgrades

    SK Telecom has revealed that a persistent and sophisticated malware strain infiltrated its internal systems in 2022—almost two years before its discovery in April 2025. The breach exposed sensitive personal and financial data belonging to potentially millions of users. The company’s latest technical report confirmed that the malware went unnoticed through multiple internal audits and cybersecurity scans.

    Following the breach, the company identified and isolated 25 different malware strains across its infrastructure. It also quarantined 23 infected servers believed to be the source of the leak. While the company insists there is no current evidence of further unauthorised data transfers, it has taken pre-emptive measures to mitigate any potential risks. These measures include a temporary halt on all new subscriber sign-ups and a national SIM card replacement programme to reduce the chance of fraudulent access. The operator is also offering SIM protection services both domestically and abroad, ensuring returning travellers and overseas users are not left vulnerable.

    In addition, SK Telecom has implemented a comprehensive upgrade to its fraud detection system. The newly deployed FDS 2.0 applies triple-factor authentication—validating the customer’s identity, the SIM card, and the connected device—before allowing access to services. The company confirmed this security layer is now fully active across its network.

    Also read: SK Telecom sees Q1 AI growth
    Also read: SK apologises for data breach at SK Telecom

    Why it is important

    The breach has triggered widespread concern across South Korea’s technology and security sectors. As the nation’s largest mobile operator, SK Telecom is deeply embedded in both consumer and enterprise communications. Its compromise suggests that even well-defended networks can be vulnerable to long-term, undetected intrusions.

    The malware, reportedly identified as BPFdoor, is known for its stealth and ability to bypass traditional authentication systems. It has previously been linked to state-sponsored hacking groups such as Red Menshen, which some Korean media allege have ties to Chinese intelligence units. This type of malware was also used in attacks targeting US telecommunications firms in 2024, indicating a possible regional or geopolitical pattern. Chey Tae-won, chairman of SK Group, directly addressed the public in early May. He issued a formal apology and stated that this incident should be considered “a matter of national defence”. His framing echoes broader fears that cyberattacks on telcos are not just criminal or financial in nature but represent strategic threats to national infrastructure.

    As the investigation continues, experts expect increased cooperation between SK Telecom, the Korean government, and cybersecurity agencies. Regulatory reforms and stricter infrastructure security guidelines may follow. The breach has become a wake-up call not only for Korea but for other nations whose telco networks are potential targets for similar covert attacks.

    Cybersecurity Telecom
    Yara Yang

    Yara Yang is a community engagement specialist of BTW Media and studied education at the University of York in the UK. Contact her at y.yang@btw.media.

    Related Posts

    AFRINIC’s RPKI delays leave African internet vulnerable

    July 15, 2025

    $84M boost for Moonvalley’s AI video platform

    July 15, 2025

    Exa Infrastructure opens new fibre route in Western Europe

    July 15, 2025
    Add A Comment
    Leave A Reply Cancel Reply

    CATEGORIES
    Archives
    • July 2025
    • June 2025
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023

    Blue Tech Wave (BTW.Media) is a future-facing tech media brand delivering sharp insights, trendspotting, and bold storytelling across digital, social, and video. We translate complexity into clarity—so you’re always ahead of the curve.

    BTW
    • About BTW
    • Contact Us
    • Join Our Team
    TERMS
    • Privacy Policy
    • Cookie Policy
    • Terms of Use
    Facebook X (Twitter) Instagram YouTube LinkedIn

    Type above and press Enter to search. Press Esc to cancel.