[Digital Today reporter Jin-ho Lee] SK Telecom prevented subscriber financial losses by tracing attacker control servers and using AI-based detection technology.

SKT said on Tuesday it is working with police to analyse malicious app installation files and identify addresses of attacker control servers, also known as C2 servers, used to remotely control user devices or steal personal data. It said the information is used to block damage.

According to SKT, it closely analysed about 1,600 unique files, excluding duplicates, from about 3,500 malicious app installation files shared through cooperation with police over the past two months. It identified 390 C2 server domains and provided them to police. As a result, it prevented financial losses for 403 SKT customers with malicious apps installed. The total estimated losses prevented amount to about 20.3 billion won.

SKT earlier established a cooperation system with police. When police share malicious app samples obtained during phishing damage reports with telecom operators, the Social Engineering Threat Response team at SKT's Integrated Security Center analyses them and tracks C2 server addresses.

C2 servers are infrastructure used to steal personal or financial information from devices infected with malicious apps or to issue commands to intercept calls and texts remotely. SKT shares C2 server information obtained during analysis with police to block additional damage to other customers infected with the same malicious apps.

SKT is also developing AI-based automated analysis technology that automatically analyses malicious apps to detect attacker server addresses and malicious behaviour. It is also expanding the use of its existing AI-based phishing site detection system, Undercover Bot.

An official at SKT's Integrated Security Center said, "As phishing crimes become increasingly sophisticated, the scale of damage from malicious apps is also rising quickly." The official added, "We will work to prevent customer damage and strive to create a safe communications environment through close cooperation with police and related agencies."