Korean drama shows have garnered immense popularity even in regions outside South Korea. Local and international fans often resort to downloading media copies through torrent and pirate sites.
This method is illicit and highly discouraged. A lack of knowledge of digital security measures can also lead to users becoming victims of malicious campaigns run through torrent sites.
Malware targeting Korean users spreads through torrent sites
A malicious campaign was confirmed in a recent report by WeLiveSecurity based on data coming from the ESET antivirus software. The software has detected hundreds of devices infected with the same malware, acquired by downloading K-drama files and video games through torrent sites. Of the compromised devices, 80 percent are from South Korea, 10 percent from China, and 5 percent from Taiwan.
Security researchers named the malware in this breach GoBotKR. It was identified as a modified version of GoBot2, designed to avoid detection specifically in South Korea. GoBotKR has reportedly been active since March 2018.
How GoBotKR is spread among Korean torrent users
GoBotKR is being spread on torrent sites by mixing an actual K-drama media file with the malicious contents. Torrent downloads typically come in a folder containing an MP4 file along with an executable LNK file posing as a shortcut to the media content, so both have identical file names.
Malicious torrent downloads also contain an archived PMA file with bogus codec installers. Torrent users who are not familiar with LNK's executable properties could easily be tricked into clicking it instead of the actual MP4 file. This is how GoBotKR is secretly installed on computers.
Clicking only the media content should not result in any issue. However, the LNK is a shortcut that will also open the MP4 video, so unsuspecting victims will not be immediately alarmed that they have just installed malware on their device. Once the malware has been successfully installed, the compromised device is added to a network of bots remotely controlled by the attackers.
Without the torrent user knowing, their computer can be used in massive DDoS attacks. Developers also observed that the attackers had been secretly collecting data sent to command and control (C&C) servers, all based in South Korea. Types of information gathered include network configuration and main computer specs.
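The folder layout described above, a shortcut sharing its name with the video beside it, can be checked for before anything in the download is opened. The following Python sketch is an added example, not code from the report: the function names, the list of media extensions and the sample folder are assumptions, and the sample files are constructed stand-ins.

```python
import os
import tempfile
from pathlib import Path

# Shell Link (.lnk) header: HeaderSize 0x4C followed by the LinkCLSID.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
MEDIA_EXTS = {".mp4", ".mkv", ".avi", ".wmv", ".mov"}  # assumed list

def is_shell_link(path):
    """True if the file carries the Shell Link header, whatever its extension."""
    try:
        with open(path, "rb") as fh:
            return fh.read(len(LNK_MAGIC)) == LNK_MAGIC
    except OSError:
        return False

def find_lookalike_shortcuts(root):
    """Return (shortcut, media) pairs that share a name in the same folder."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        folder = Path(dirpath)
        media = {}
        for name in files:
            if Path(name).suffix.lower() in MEDIA_EXTS:
                # Index both "Ep01" and "Ep01.mp4" so "Ep01.mp4.lnk" also matches.
                media[Path(name).stem.lower()] = media[name.lower()] = name
        for name in files:
            p = Path(name)
            if p.suffix.lower() in MEDIA_EXTS:
                continue
            if p.suffix.lower() != ".lnk" and not is_shell_link(folder / name):
                continue
            twin = media.get(p.stem.lower())
            if twin:
                hits.append((str(folder / name), str(folder / twin)))
    return sorted(hits)

def demo():
    """Build a constructed download folder and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp, "Drama.E01")
        d.mkdir()
        (d / "Drama.E01.mp4").write_bytes(b"\x00" * 16)  # stand-in video
        (d / "Drama.E01.lnk").write_bytes(LNK_MAGIC + b"\x00" * 56)
        (d / "readme.txt").write_text("constructed sample")  # negative control
        found = find_lookalike_shortcuts(tmp)
        return [(Path(a).name, Path(b).name) for a, b in found]

if __name__ == "__main__":
    print(demo())
```

Any pair it reports is a reason to delete the download unopened; enabling "show file name extensions" in Windows Explorer makes the same mismatch visible by eye.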





