DDoS Attacks Worth $43 Million: Satellite Receivers Turned into Cyberweapons

South Korean police have uncovered a criminal scheme involving satellite receivers equipped with software for carrying out DDoS attacks. Both the device manufacturer and a foreign client have become subjects of the investigation.

The investigation began in July after Interpol provided information about possible illegal activities. Authorities determined that a foreign company had been importing satellite receivers from South Korea, which, at the request of the client, had been equipped with malicious DDoS functionality since 2019. The malware was distributed both through firmware updates and directly during shipment.

From 2019 to 2024, the company exported 240,000 devices, nearly 100,000 of which already contained malicious software at the time of production. The remaining devices received DDoS attack capabilities through software updates. This operation generated revenue of 61 billion won ($43.5 million) for the receiver manufacturer.

The foreign client was the initiator of the scheme, insisting since 2018 that the equipment be outfitted with DDoS attack features to target competitors. The manufacturer agreed to the request and began mass distribution of the malware.

Law enforcement authorities have seized company assets equivalent to the criminal proceeds. Police emphasize that all illicit funds will be confiscated, in line with the principle of inevitable prosecution for cybercrimes. An international investigation involving Interpol is ongoing regarding the foreign client.

Source