InfoSecBulletin Cybersecurity for mankind
South Korea’s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related information for customers.
SK Telecom is the largest mobile network operator in South Korea, holding approximately 48.4% of the mobile phone service market in the country, corresponding to 34 million subscribers.
Critical Cisco ISE flaw impacts cloud deployments on AWS, Microsoft Azure, and OCI
App builiding platform exposes over 3 million records, including PII
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
The company says they detected malware on their systems at 11 PM local time on Saturday, April 19, 2025, in a weekend cyberattack when most organizations are understaffed.
SK Telecom security notice reads, On April 19, 2025, at approximately 11:00 PM, SK Telecom discovered circumstances in which some SIM-related information of SK Telecom customers was suspected to have been leaked due to malware.
We are currently continuously investigating the exact cause, scale, and items of the leak, and in accordance with relevant laws, we immediately reported the breach to the Korea Internet & Security Agency (KISA) on Sunday, April 20. In addition, we reported the personal information leak to the Personal Information Protection Commission at 10:00 a.m. on Tuesday, April 22 and are actively cooperating with the related investigation.
SK Telecom immediately deleted the malware after recognizing the possibility of a leak, and also isolated the suspected hacking device. As of now, there have been no confirmed cases of actual exploitation of the information, but we are implementing the following measures to prevent damage to our customers.
• Complete system-wide investigation
• Strengthening blocking of illegal SIM card changes and abnormal authentication attempts
• Strengthening immediate suspension of use and guidance measures when suspicious signs of damage are found
For customers who want additional security measures along with customer notifications through the website, we are providing SIM card protection service (free of charge) through the website and T World.”
