Korean CEO Arrest: Added DDoS Feature to Satellite Receivers

A South Korean CEO and five employees were arrested for manufacturing and exporting satellite receivers equipped with Distributed Denial of Service (DDoS) functionalities. This action violated the country’s Act on Promotion of Information and Communications Network Utilization and Information Protection. According to the Korean National Police Agency (KNPA), the devices, marketed as standard broadcasting receivers, were modified to execute cyberattacks on command, without the knowledge of end users.

The investigation began after Interpol tipped off South Korean authorities in July 2024. The KNPA revealed that the receivers were enhanced with DDoS capabilities at the request of a foreign buyer in November 2018. This client, identified as an illegal broadcaster, reportedly sought the feature to disrupt competing operations. “The functionality was disguised as a legitimate feature but posed a significant cybersecurity threat,” the KNPA stated in its press release.

The scheme dates back to 2017 when the Korean company began supplying devices to foreign buyers. By the time the investigation concluded, over 240,000 units had been sold, with nearly 100,000 devices preloaded with DDoS software and the rest receiving the functionality through firmware updates. Users of the receivers were unwitting participants in cyberattacks, often experiencing device slowdowns during the incidents, BleepingComputer reported.

Authorities seized approximately $4.35 million in assets believed to have been generated from the sale of these malicious devices. An international arrest warrant has been issued for the foreign buyer, whom the KNPA described as a “key orchestrator” of the scheme.

This case brings to the surface the risks posed by the misuse of consumer devices for cybercrime. "This is a global issue," the KNPA said, emphasizing the importance of international cooperation to combat similar cases in the future. The CEO and employees are now awaiting prosecution while investigators continue efforts to track down the foreign accomplice.