SK Telecom Breach, Massive Ransomware Outage, Beware AI Links

The organizations that invest in email authentication early save themselves from expensive incidents later, says Vasile Diaconu, Operations Lead at DuoCircle. We see the pattern constantly: a domain gets spoofed, customers lose trust, and the remediation effort costs 10x what proactive DMARC setup would have cost.

					DMARC Report					

				

SK Telecom Breach, Massive Ransomware Outage, Beware AI Links

					<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
						

Play Episode

					</button>
					<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
						

Pause Episode

					</button>
					


				

				

					<audio preload="none" class="clip clip-29413">
						<source src="https://media.mailhop.org/dmarcreport/images/2025/07/SK-Telecom-Breach-Massive-Ransomware-Outage-Beware-AI-Links.mp3">
					</audio>
					

						

					

					

						

							<button class="player-btn player-btn__volume" title="Mute/Unmute">
								

Mute/Unmute Episode

							</button>
							<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
								

Rewind 10 Seconds

							</button>
							<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
							<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
								

Fast Forward 30 seconds

							</button>
						

						

							<time class="ssp-timer">00:00</time>
							

/

							<!-- We need actual duration here from the server -->
							<time class="ssp-duration" datetime="PT0H2M14S">2:14</time>
						

					

				

			

								<nav class="player-panels-nav">
												<button class="subscribe-btn" id="subscribe-btn-29413" title="Subscribe">Subscribe</button>
																		<button class="share-btn" id="share-btn-29413" title="Share">Share</button>
										</nav>
						

	



		

						

				

					

					

				

				

					

																																																																								

					

						

RSS Feed

							<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-29413" title="RSS Feed URL" readonly />
						

						<button class="copy-rss copy-rss-29413" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
					

				

			

									

				

					

					

				

				

					

						Share						

					

						<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/sk-telecom-breach-massive-ransomware-outage-beware-ai-links/&t=SK Telecom Breach, Massive Ransomware Outage, Beware AI Links" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
							

						</a>
						<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/sk-telecom-breach-massive-ransomware-outage-beware-ai-links/&url=SK Telecom Breach, Massive Ransomware Outage, Beware AI Links" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
							

						</a>
						<a href="https://media.mailhop.org/dmarcreport/images/2025/07/SK-Telecom-Breach-Massive-Ransomware-Outage-Beware-AI-Links.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
							

						</a>
					

				

				

					

						Link						

					

						<input value="https://dmarcreport.com/blog/podcast/sk-telecom-breach-massive-ransomware-outage-beware-ai-links/" class="input-link input-link-29413" title="Episode URL" readonly />
					

					<button class="copy-link copy-link-29413" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
				

				

					

						Embed						

					

						<input type="text" value='<blockquote class="wp-embedded-content" data-secret="hjSiqwEnHj"><a href="https://dmarcreport.com/blog/podcast/sk-telecom-breach-massive-ransomware-outage-beware-ai-links/">SK Telecom Breach, Massive Ransomware Outage, Beware AI Links</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://dmarcreport.com/blog/podcast/sk-telecom-breach-massive-ransomware-outage-beware-ai-links/embed/#?secret=hjSiqwEnHj" width="500" height="350" title=""SK Telecom Breach, Massive Ransomware Outage, Beware AI Links" - DMARC Report" data-secret="hjSiqwEnHj" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script>

/*! This file is auto-generated / !function(d,l){“use strict”;l.querySelector&&d.addEventListener&&“undefined”!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll(‘iframe[data-secret=”‘+t.secret+’”]’),o=l.querySelectorAll(‘blockquote[data-secret=”‘+t.secret+’”]’),c=new RegExp(“^https?:$”,“i”),i=0;i<o.length;i++)o[i].style.display=“none”;for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(“style”),“height”===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):“link”===t.message&&(r=new URL(s.getAttribute(“src”)),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(“message”,d.wp.receiveEmbedMessage,!1),l.addEventListener(“DOMContentLoaded”,function(){for(var e,t,s=l.querySelectorAll(“iframe.wp-embedded-content”),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(“data-secret”))||(t=Math.random().toString(36).substring(2,12),e.src+=”#?secret=“+t,e.setAttribute(“data-secret”,t)),e.contentWindow.postMessage({message:“ready”,secret:t},"")},!1)))}(window,document); //# sourceURL=https://dmarcreport.com/wp-includes/js/wp-embed.min.js ’ title=“Embed Code” class=“input-embed input-embed-29413” readonly/>

					<button class="copy-embed copy-embed-29413" title="Copy Embed Code" aria-label="Copy Embed Code"></button>
				

			

				

Hey people! Welcome to July week 2. Here comes our fresh dose of cyber bulletin that will keep you up-to-date on the latest cyber incidents and will also help you protect yourself from potential cyber scams. This week, we will talk about the SK Telecom breach in South Korea that led to penalties being levied. Next, we will focus on the Ingram Micro widespread outage. Lastly, we will discuss the chances of ChatGPT and Perplexity links being potentially malicious.

So, let’s not waste any more time and start with the detailed bulletin.

SK Telecom breach leads to penalties and stringent legalities

SK Telecom, a mobile telecommunications service provider in South Korea, has experienced a data breach recently. The government has levied a fine on SK Telecom, as it has “failed to fulfil its obligations” of offering a secure communication system to its users.

A joint public-private investigation has been conducted against the **42,000 servers of SK Telecom. The investigation revealed that **28 of these servers were compromised by 33 distinct malware strains. As a result, the telecom service provider will now have to pay USD 21,890 (30 Million Won). The fine has been imposed because SK Telecom significantly delayed the reporting process after the breach. Apart from the penalty, the telecom service provider is also required to cater to certain stringent legal requirements. This includes conducting quarterly security assessments, enabling subscribers to cancel out the subscriptions without paying any fine, and offering users a free-of-cost USIM swap service.

Yoo Sang-im, the Minister of Science and Information and Communication Technology, believes that this data breach at the **nation’s largest telecom service provider is a staggering reminder of the vulnerability of the telecom industry and related infrastructures to cyberattacks.

Ransomware attack responsible for the massive outage at Ingram Micro

Ingram Micro experienced a ransomware attack on Thursday. The **IT distributor has to bring down its website. The attack was planned strategically just before the 4th of July weekend started. Two days later, Ingram informed customers about the ransomware attack.

Ingram took prompt action to secure the entire system and switched it to offline mode. It also implemented remedial measures. Ingram Micro collaborated with a cybersecurity company to investigate the attack further and also reported the breach to law enforcement agencies.

As of now, the IT distributor is “working diligently” to restore the disrupted services. They have also sincerely apologized for the inconvenience caused to the vendors as well as customers.

Ingram Micro filed an **8K form with the US Securities and Exchange Commission on Saturday.

The **IT distributor has published a dedicated page this Monday to keep all the stakeholders informed about the latest updates around the cyberattack. They also notified that the subscribers can now place orders by email or phone from multiple countries like Germany, France, Italy, Brazil, and so on.

As per speculations, the ransomware attack has been carried out by a group called SafePay. But official confirmation has not been made yet. So far, the data from Ingram has not been published on the Dark Web yet.

DMARC, DKIM, and SPF help prevent phishing and spoofing, offering vital protection against ransomware threats.

Beware of clicking on the links shared by ChatGPT and Perplexity

If you search for anything and everything on ChatGPT and Perplexity, then you have to see this!

Netcraft has published a report that claims AI tools can actually share malicious links that can redirect you to phishing pages. As per the report, OpenAI GPT-4.1 was asked to share 50 band links. The AI tool could share only 66%** correct links. The rest of the links shared were harmful in nature and could have led users to phishing scams.

The report also mentioned about **17 K AI-written Gitbook phishing pages that promote themselves as legitimate support hubs . This may convince the users to trust the malicious links as genuine ones and then fall prey to cyberattacks.

Perplexity has also shared the link to a phishing site, as the researchers asked for the URL to Wells Fargo**. Netcraft has observed other malpractices as well, and this is exactly why you should trust the OpenAI CEO. Recently, he said that users must not trust AI tools blindly.

Sophisticated campaigns are being run by threat actors to “poison” AI coding assistants. Some of the cybercrooks designed a malicious API that impersonates the genuine Solana blockchain. Soon, developers mistakenly included it in their projects._ The threat actors thus very cleverly managed to channel all transactions directly to their wallets_.

All these sophisticated tactics by threat actors are a grim reminder that **artificial intelligence is not fail-proof. It is important to use the AI tools responsibly, or you can end up being scammed by a cyberattacker.