(C) Ars Technica

Seoul, South Korea — A sophisticated network of hackers who infiltrated over 120,000 home and business Internet Protocol (IP) cameras, turning private lives into illicit content for profit on overseas adult websites, has been dismantled by the National Investigation Headquarters of the Korean National Police Agency. The police announced on November 30, 2025, that four individuals have been apprehended in connection with the widespread hacking and distribution of sexually exploitative material. While operating independently, their combined actions led to a massive violation of privacy and security for numerous households.

IP cameras, commonly installed in homes to monitor pets, children, or elderly family members, or used in businesses for crime prevention, are prized for their ease of setup and affordability compared to traditional closed-circuit television (CCTV) systems. However, this accessibility often comes at the cost of security, a vulnerability ruthlessly exploited by the perpetrators.

The Scale of the Crime: A Digital Violation 

The investigation revealed the staggering extent of the operation, driven primarily by two unemployed men seeking illicit financial gains.

Suspect A, who is unemployed, successfully hacked into approximately 63,000 IP cameras. Using the stolen footage, he produced 545 pieces of sexually exploitative material which he then sold on overseas adult platforms. His illegal activities yielded him virtual currency equivalent to about 35 million KRW (approximately $27,000 USD).
Suspect B demonstrated an even greater reach, hacking into 70,000 IP cameras. He created and sold 648 pieces of exploitative content, earning him virtual currency valued at 18 million KRW (approximately $14,000 USD).
The volume of content produced by these two individuals alone constitutes a significant portion of the platform’s illegal inventory. Over the past year, their videos accounted for a shocking 62% of all content posted on Site C, the overseas adult platform where the material was distributed. This particular site is notorious for hosting illegal footage featuring victims from various countries.

The police also apprehended two other individuals for illegal possession of hacked footage, though they had not distributed or sold the videos. Suspect D, a self-employed individual, hacked 15,000 IP cameras, and Suspect E, an office worker, compromised 136 devices. Police have placed three of the four suspects—A, B, and D—under formal arrest, with Suspect E remaining under investigation.

Exploiting Predictable Weakness 

The ease with which the hackers gained access underscores a critical and pervasive security flaw: weak password protection. The perpetrators targeted cameras with simple, easily guessable credentials, often set as identical characters repeated (e.g., 'aaaaaa'), sequential numbers, or simple alphanumeric strings (e.g., '123456'). This negligence in security proved to be the open door for mass surveillance and exploitation.

Police Action and International Cooperation 

In response to the massive data breach, the police have taken immediate steps to mitigate the damage and prosecute those involved. Investigators have directly contacted or communicated with the victims associated with 58 confirmed compromised locations via phone, mail, or in-person visits. Victims were notified of the breach and provided with urgent guidance on how to change their device passwords and secure their networks.

Furthermore, authorities are aggressively targeting the distribution platform. The Korean Communications Standards Commission has been requested to block domestic access to the illicit Site C. In a move to permanently shut down the source of exploitation, the National Investigation Headquarters is actively collaborating with foreign law enforcement agencies.

The police have also extended their investigation to the demand side, arresting three individuals who purchased or viewed the sexually exploitative material on Site C, emphasizing a commitment to pursuing all participants in this heinous criminal chain.

This mass arrest serves as a potent, albeit sobering, reminder of the vital need for robust digital security in the modern home. Users of smart home devices, particularly IP cameras, are urged to abandon default and weak passwords in favor of complex, unique credentials to prevent their private space from becoming the next frontier for digital crime.