The Gyeonggi Nambu Provincial Police Agency referred four core suspects—a hacker in his 30s and three accomplices in their 20s—to the prosecution, accusing them of forming an organized criminal group. The investigation revealed that the hacker began his operation in January 2022 by tricking nine massage parlor owners in Seoul, Gyeonggi, and Daegu into installing a malicious app under the guise of a business tool. This app secretly siphoned off sensitive client data, including contacts, messages, and call records.
The accomplices subsequently set up an office in Busan and utilized this stolen information to execute their blackmail scheme, which ultimately targeted 62 victims. They managed to extort a total of approximately 500 million won ($351,000) through these fraudulent threats.
To coerce their victims, the suspects falsely claimed, “We have footage of you visiting a massage parlor,” and threatened to share the non-existent videos with the victims’ “family, friends and your wife” unless a payment was made. The individual amounts extorted ranged significantly, from 1.5 million to 47 million won, with the money being funneled through accounts opened under borrowed names to hide their tracks.
The police initiated their investigation in July 2022 after discovering the group’s elaborate setup during a separate case. The criminals had thoroughly prepared their operation, equipping their office with laptops and burner phones, and drafting detailed, menacing scripts for their blackmail calls, which often included threats like, “We installed a camera in the massage room and recorded your session—we’ll send it to your contacts if you don’t pay.” Investigators made the first arrest in August 2023, and although the hacker was already in detention for an unrelated cybercrime, the ring’s other members were tracked down, with the final main suspect referred to prosecutors on October 23 of this year.
In addition to the core members, police also apprehended ten other accomplices, bringing the total number of individuals involved in the case to 15. This group included five people who provided support—supplying phones, driver’s licenses, cars, and lodging to the fugitives—and another five who were responsible for laundering the extorted money. A police official has since issued a cautionary statement, urging the public to be wary of apps shared through unofficial channels, noting that they are a significant source of data leaks, and advising people to immediately block and refuse to comply with any suspicious calls demanding money.
Reference:
