Naver 'Band' Accounts Hijacked, Turning into Adult Advertisement Platforms

The "My Info" page of a Naver Band account whose security was breached. The profile has been changed to information different from the actual account owner. The account appears to have been used for adult content advertisements by joining multiple bands. (Photo by Band capture)

[Asia Economy Reporter Lee Seung-jin] A security alert has been issued for Naver's community service ‘Band’ accounts. This is due to a series of suspected account hijacking cases recently. Accounts with compromised personal information have been used for adult advertisements or have led to crimes utilizing the original account owner's personal data.

The reporter was shocked after logging into Band for the first time in two years. Dozens of Bands that had never been joined were added. The profile showed a photo of an unknown woman along with an age and name different from reality.

After checking the chat list, the surprise deepened. There were traces of chat attempts sent to all users of the joined Bands. The number reached at least several hundred. It was unclear whether the chat contents were deleted or if the chats never actually continued, as the exchanged messages could not be confirmed.

Hastily reviewing the login history, it was confirmed that there was access from an unused device in October last year. The account had been converted to dormant status in 2020 but was somehow reactivated and used. Looking at the Bands joined, hundreds of accounts appeared to have had their security breached. For example, dozens of accounts in the format ‘Kim Su-jin/83/Daegu’ existed in Bands related to excavators. Such accounts were frequently joining Bands.

Illegal promotion of band growth posted on the band. The advertisement claims that the number of band members can be increased through methods such as account theft. (Photo by Band capture)

After informing acquaintances about the Band account being hacked, a friend who had not logged into Band for a long time also confirmed their account was compromised around the same time. Additionally, similar cases were easily found through online searches.

Compromised accounts appear to be mainly used for adult advertisements. Some users complained that their accounts were suspended due to excessive spam advertising without their knowledge. One user suffered distress when a message impersonating them was sent to acquaintances demanding money.

Cases related to boosting Band membership were also identified. One user, claiming to be a ‘Band member guarantee service,’ promoted that they could add everyone from inactive to active members to Bands. This seems to be an attempt to explosively increase Band members through account hijacking and thereby raise advertising revenue within Bands.

A subscriber list of a band with about 700 members. All subscribers have the same activity name within the band. Most of these subscribers are suspected to have had their accounts stolen or hacked. (Photo by Band capture)

The reporter inquired with Band customer service to find out how the account was compromised and what activities were conducted by others. The response was that it could not be confirmed. Individuals must check whether compromised accounts were used for crimes or if any financial damage occurred.

Naver explained that monitoring is conducted regularly, but similar cases have continued for years. Also, unless users input phone or email information, there is no way to send separate alerts to warn them.

Ultimately, the only way to prevent similar cases is for individuals to strengthen their security measures, such as enabling ‘two-step login verification.’ Naver stated, “If personal information is leaked externally, we cannot take separate action,” and advised, “Change passwords frequently and do not use the same ID and password across multiple services.”

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.