Chinese Hacker Arrested for Targeting BTS and Other Celebrities
A shocking case of cybercrime has unfolded in South Korea, with a Chinese hacker being extradited from Thailand to face charges for orchestrating a massive cyberattack targeting some of the country's most influential celebrities. The suspect, Jeon, a 34-year-old Chinese national, is accused of running a hacking network that compromised the personal data of hundreds of victims, resulting in estimated losses of nearly 39 billion won (≈ €27.2M).
The investigation began after South Korean police discovered that hackers had gained access to the personal data of celebrities, including BTS member Jungkook, and attempted to liquidate his HYBE shares worth 8.4 billion won (≈ €5.9M). However, the brokerage froze the transfer, thwarting the hackers' plans just in time.
The hacking scheme relied on exploiting loopholes in telecom authentication systems, allowing hackers to create fake mobile accounts under the names of their victims. These accounts bypassed contactless ID systems and were used to drain bank accounts or transfer cryptocurrency assets. Authorities believe that the targets were chosen among wealthy profiles, as these individuals are less likely to immediately notice anomalies.
Thanks to international coordination between Interpol, Thai police, and South Korean authorities, Jeon was extradited from Thailand and charged with hacking, financial fraud, and identity theft in Seoul. The arrest highlights the fragility of remote authentication systems exploited by transnational cybercrime and serves as a reminder of the strategic value of these infrastructures.
Furthermore, another recent case has come to light, involving a 33-year-old South Korean man who was arrested at Bangkok airport on charges of laundering cryptocurrency into gold bars for international fraud networks. The suspect, Han, had studied in China for six years before returning to South Korea to work for a firm that converted digital assets into gold.
The criminal scheme began in February 2024, when victims were recruited for social media "engagement jobs," supposedly earning money by liking posts and boosting follower counts. They were later persuaded to join "special activities" requiring upfront investment with promised returns of 30–50%. Initially, scammers provided payouts to build trust, but when victims invested larger sums, they were blocked from withdrawing funds.
Complaints led to a Cyber Crime Suppression Division probe, resulting in 10 arrests: five money launderers and five "mule" account holders. Further investigation identified Han as a key laundering operator. Each operation involved converting crypto worth at least 10 kg of gold (≈ $1M). Blockchain analysis revealed that between January and March 2024 alone, Han received about 47.3 million USDT, allegedly laundered into gold for the fraud ring.
The arrest of Jeon and Han marks a turning point in an investigation spanning multiple jurisdictions. As cybercrime continues to evolve, it is essential for authorities to work together to dismantle these networks and protect vulnerable individuals from exploitation.
A Case of Cybercrime Targeting South Korea's Elite
The case of Jeon highlights the fragility of remote authentication systems exploited by transnational cybercrime. The scheme relied on exploiting loopholes in telecom authentication systems, allowing hackers to create fake mobile accounts under the names of their victims.
These accounts bypassed contactless ID systems and were used to drain bank accounts or transfer cryptocurrency assets. Authorities believe that the targets were chosen among wealthy profiles, as these individuals are less likely to immediately notice anomalies.
A Second Case: Laundering Cryptocurrency into Gold
In a separate case, Han was arrested at Bangkok airport on charges of laundering cryptocurrency into gold bars for international fraud networks. The suspect had studied in China for six years before returning to South Korea to work for a firm that converted digital assets into gold.
The criminal scheme began in February 2024, when victims were recruited for social media "engagement jobs," supposedly earning money by liking posts and boosting follower counts. They were later persuaded to join "special activities" requiring upfront investment with promised returns of 30–50%.
International Cooperation: A Key to Success
The cases of Jeon and Han highlight the importance of international cooperation in dismantling transnational cybercrime networks. Thanks to coordination between Interpol, Thai police, and South Korean authorities, both suspects were extradited and charged with relevant offenses.
This cooperation demonstrates that law enforcement agencies can work together to protect vulnerable individuals from exploitation and bring perpetrators to justice.