Security expert turned black hat, selling 400K houses’ private videos

By Dain Oh, The Readable
Dec. 21, 2022 8:00PM KST

The National Police Agency of South Korea arrested a suspect who infiltrated home networks of more than 400,000 private residences and tried to sell the videos and pictures of victims on the dark web. The suspect was confirmed to be a security expert who warned people of vulnerable home networks three years ago.

The Cyber Terror Response Division under the National Office of Investigation announced on Wednesday that they have seized a man who illicitly accessed thousands of home networks from several apartment complexes, recorded videos and pictures inside the residential properties, and attempted to sell them on Raid Forum, a now-defunct underground website on the dark web. The man is accused of violating the information protection law.

Infographic that shows phases of home network hacking by the suspect. Designed by Areum Hwang, The Readable

According to the police, the suspect committed these crime by exploiting vulnerable wallpads, which are smart home devices that are installed in apartments in the form of tablets and help residents remotely control multiple home related functions through cameras and sensors. From August to November of last year, he managed to access the servers of 638 apartment complexes, penetrating 404,847 housing units where people made their homes. After obtaining access to the wallpads, he secretly filmed inside the houses.

Moreover, the suspect hacked wireless routers in public facilities and used foreign services to communicate with potential buyers before he stealthily looked at the private lives of other people and attempted to sell the unlawful materials with an aim to avoid being tracked by law enforcement. In his sales posting on Raid Forum in November of 2021, he claimed to have hacked “most of the apartments in South Korea” and said that the sample videos were “extracted from the smart home devices in those apartments.” To prove the authenticity of his materials, he uploaded 45 pictures and 2 video samples on the same posting.

The sales posting that the suspect uploaded on Raid Forum in November of 2021. Source: The Cyber Terror Response Division under the National Office of Investigation

The suspect turned out to be a cybersecurity expert who once gave an interview to a local media outlet regarding home network security in 2019. In the news article that was published in February of 2019, the suspect personally demonstrated how vulnerable it is to use wallpads and said “middle schoolers with basic knowledge of computers can easily hack” the home networks. The man who is in his 30s reportedly studied information security as an undergraduate and previously committed two types of cybercrimes, including a distributed denial-of-service attack, or DDoS, and hacking.

Wallpads are smart home devices that are installed in apartments in the form of tablets and help residents remotely control multiple home related functions through cameras and sensors. A police officer is demonstrating how a wallpad works. Source: The Cyber Terror Response Division under the National Office of Investigation
South Korean law enforcement arrested the suspect at his home. Source: The Cyber Terror Response Division under the National Office of Investigation

South Korean law enforcement chased the suspect for over a year. The wallpads hacking has gained national attention since October of 2021 when the local newspaper first acknowledged the incident and reported the real evidence of victims’ photos, which had been circulated through the dark web. It is not confirmed yet that the black hat hacker who first uploaded the photos onto the dark web in October of 2021 is the same suspect who is now under arrest by the South Korean police officers. The police told The Readable that they started looking into the incident in November of 2021 when the Korea Internet & Security Agency requested the investigation.

For the last year, various government organizations have started to work together in response to the home network vulnerabilities, including a joint investigation among the Ministry of Science and ICT, the Ministry of Land, Infrastructure, and Transport, and the Ministry of Trade, Industry, and Energy. The agencies identified vulnerabilities regarding wallpads and have been pushing the related parties to update home networks’ security guidelines.

“To secure home networks, there should be a collaborative effort from wallpads manufacturers, server managers of apartment complexes, and each resident who uses wallpads,” asserted the police in a press release. “For individual residents, it is recommended to reset passwords for administrative accounts and wireless routers.”

ohdain@thereadable.co

The cover image of this article was designed by Areum Hwang.


Dain Oh is an award-winning cybersecurity journalist based in South Korea and the founding editor-in-chief of The Readable by S2W. Before joining S2W, she worked as a reporter for The Electronic Times, the top IT newspaper in Korea, covering the cybersecurity industry on an in-depth level. She reported numerous exclusive stories, and her work related to the National Intelligence Service led to her being honored with the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology in a unanimous decision. She was also the first journalist to report on the hacking of vulnerable wallpads in South Korean apartments, which later became a nation-wide issue.