27 Million South Koreans Victimized In Online Gaming Heist

16 suspects arrested in South Korea as authorities pursue additional suspects, including a Chinese hacker.

Dark Reading logo in a gray background | Dark Reading

South Korean authorities are investigating a massive and widespread breach of personal information on some 27 million online gamers in that nation in what a report there says makes up more than 70% of South Korea's population of people between the ages of 15 and 65.

According to a report by Korea's JoongAng Daily, the South Jeolla Provincial Police Agency has arrested a 24-year-old man with the last name of Kim, who acquired names, registration numbers, account names, and passwords on the 27 million victims, from a Chinese hacker he met in 2011 in an online game. They have arrested 15 other suspects as well, and are pursuing more.

Kim allegedly used the stolen credentials and information to pilfer hundreds of millions of won, equivalent to around US $400,000, in online gaming currency from six online games in Korea. He gave a cut to the Chinese hacker, according to the report, and sold some of the stolen information to others in the black market.

Online gaming is wildly popular in South Korea, so it's no surprise cyber criminals would target that community, says Adam Kujawa, head of malware intelligence at Malwarebytes.

It's unclear whether the gamers' credentials originally were stolen via a drive by attack on the gaming websites, or if the hacker who grabbed them used a password-cracking tool, he says. "They could have been testing known passwords and usernames, and had a tool that automatically tries to log in using these credentials. Once they worked, they were able to steal money."

Or the attackers used a key logger to sniff the credentials when the victims logged in, says Kujawa.

Regardless, two-factor authentication would have kept the accounts safe from this scam, with a temporary one-time password, for example, he says. "I think two-factor authentication should be required" for gaming. The online gaming community sometimes offers incentives to get users to configure their accounts for two-factor, such as free in-game special items for users who register for two-factor authentication.

"This shows how easy it was for these attackers to exploit" gamers, Kujawa says. "I think it was fairly significant and an eye-opener... The population of people playing [online gaming] is growing, therefore so is the population for potential victims."

Kim reportedly sold some of the stolen information to mortgage fraudsters and phony gambling advertisers as well, and made billions of wons worth of fraudulent transactions.

South Korea has had its share of data breaches: Earlier this year, an employee of the Korea Credit Bureau allegedly stole personal information on some 20 million citizens, and in 2011, personal information of some 35 million users of a social network and search engine was exposed. 

About the Author

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights