Imagine you come to know small payments via your mobile phone is being carried out without your knowledge & come to know that payments are directed to small base stations created by hackers linking your service providers.

 Cyber criminals hacked ultra-small base stations accessed the KT communication network and intercepted traffic during an on-site inspection on the 8th sep.

The Telcom giant got hacked in a clever managed systematic way when the hacker has created a similar base station by stealing femtocells that are not used or under-managed. KT has disconnected the base station in question.

To prevent a recurrence, it will upgrade the management system for micro base stations and strengthen a system that monitors abnormal payment types in real time. It will convert about 2,000 stores nationwide into “Safe and Secure Specialty Stores” and provide affected customers with the “KT Safe and Secure Insurance” (tentative name) free of charge for the next three years to compensate for financial fraud linked to communication devices.

This happened when KT, the south Korean telecom provider discovered two additional illegal ultrasmall base stations, or femtocells, that were used to facilitate a large-scale micropayment scam, bringing the confirmed total to four.

The telecom giant said Thursday that the devices had leaked IMSI, IMEI and phone numbers, and that number of confirmed impacted subscribers had risen from 278 to 362 and that funds embezzled through fraudulent charges to gift cards and transit passes had reached 240 million won, or 173-thousand U.S. dollars. 

Attacks on devices

KT said no additional funds have been stolen since it blocked abnormal transactions on September 5, and that all newly confirmed cases predate that date.

In this attack type personal details such as names and birth dates were not leaked via its network and that SIM authentication keys remain secure, meaning perpetrators of the data breach do not have the ability to clone impacted users’ devices.

Mitigation steps by KT

KT said it is reimbursing victims, offering free SIM card replacements and instructing customers via its website and app, as well as text message, to keep an eye out for fraudulent charges and sign up for the carrier’s SIM protection service.

To prevent a recurrence, it will upgrade the management system for micro base stations and strengthen a system that monitors abnormal payment types in real time.

It will convert about 2,000 stores nationwide into “Safe and Secure Specialty Stores” and provide affected customers with the “KT Safe and Secure Insurance” (tentative name) free of charge for the next three years to compensate for financial fraud linked to communication devices.