InfoSecBulletin Cybersecurity for mankind
South Korea’s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related information for customers.
SK Telecom is the largest mobile network operator in South Korea, holding approximately 48.4% of the mobile phone service market in the country, corresponding to 34 million subscribers.
Citrix Released Emergency Patches for Actively Exploited CVE-2025-6543
SonicWall warns of a trojanized NetExtender stealing VPN logins
CVE-2025-36537
TeamViewer patched vuln allowing hacker SYSTEM Rights
Hacker Target 70+ Microsoft Exchange Servers to Steal Credentials with Keyloggers
WhatsApp banned on all US House of Representatives devices
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
The company says they detected malware on their systems at 11 PM local time on Saturday, April 19, 2025, in a weekend cyberattack when most organizations are understaffed.
SK Telecom security notice reads, On April 19, 2025, at approximately 11:00 PM, SK Telecom discovered circumstances in which some SIM-related information of SK Telecom customers was suspected to have been leaked due to malware.
We are currently continuously investigating the exact cause, scale, and items of the leak, and in accordance with relevant laws, we immediately reported the breach to the Korea Internet & Security Agency (KISA) on Sunday, April 20. In addition, we reported the personal information leak to the Personal Information Protection Commission at 10:00 a.m. on Tuesday, April 22 and are actively cooperating with the related investigation.
SK Telecom immediately deleted the malware after recognizing the possibility of a leak, and also isolated the suspected hacking device. As of now, there have been no confirmed cases of actual exploitation of the information, but we are implementing the following measures to prevent damage to our customers.
• Complete system-wide investigation
• Strengthening blocking of illegal SIM card changes and abnormal authentication attempts
• Strengthening immediate suspension of use and guidance measures when suspicious signs of damage are found
For customers who want additional security measures along with customer notifications through the website, we are providing SIM card protection service (free of charge) through the website and T World.”
